Cross-Site Request Forgery (CSRF) is a type of attack that causes an authorized user to do undesirable activities on a web application. An attacker can deceive users of a web application into doing activities of the attacker's choosing using social engineering techniques.