Cross-site request forgeries
A cross-site request forgery (CSRF) is an attack that tricks the victim's browser into sending a request to another site where the user is logged in. Because the browser automatically attaches the user's credentials (such as the session cookie) to that request, the site treats it as an action the user initiated and executes it. In other words, a cross-site request forgery executes an action on a site that the user never intended.
One example would be if, while you are logged into your bank's online banking site, someone got you to visit a page that contained the following <img> tag:
<img src="http://www.bank.com/transfer.php?amount=10000&from=8982773722&to=898271972">
As we already know, an <img> tag can be used to issue GET requests, so this would cause money to be transferred from one account to another, assuming the banking site accepts the transfer via a GET request. This is the essence of a CSRF attack: to embed into a page code that causes an action to be executed without the user's knowledge...