2024 CWE Top 25 Most Dangerous Software Weaknesses: Cross-Site Request Forgery (CSRF) CWE-352
CSRF is a security vulnerability that tricks a victim into performing unintended actions on a web application where they are authenticated. By exploiting the trust that a website places in the user’s browser, attackers can force users to execute actions without their consent or knowledge.