CSRF: Cross-site request forgery or XSRF.. basically type of subtle attack that exploit the hole where a browser has already been authenticated - to send unauthorized command.

Unlinke XSS (Cross-site scripting), which exploits the trust of a user to website, CSRF exploits the trust of a web tie in a user's browser.

some preventive measure:
RequestPolicy Firefox extension.

NoScript Firefox extension

Labels: security