A CSRF attack occurs when a user is tricked into interacting with a page or script on a
third-party site that generates a malicious request to your site. All your server will see is an
HTTP request from an authenticated user. However, an attacker takes control over the form of the
data sent in the request to cause mischief.