Too Long; Didn't Read
A CSRF attack tricks a victim into submitting a malicious request to a website where they are authenticated** (logged in) CSRF attacks often target a state change on the server. CSRF Attacks take advantage of the fact that browsers automatically send cookies to the server in each request. The server does not implement CSRF prevention techniques (which will be discussed below) There are four prerequisites for a CSRF Attack to succeed: the user must be authenticated, the server must store authentication information in cookies.