Cross-Site Request Forgery (CSRF) is a type of security vulnerability that allows an attacker to trick a user into performing actions on a web application without their consent. This usually happens when a user is logged into a site and visits a malicious page that sends unauthorized requests to that site, potentially altering data or performing actions on behalf of the user. To prevent CSRF attacks, web developers can implement various security measures, such as using anti-CSRF tokens or requiring re-authentication for sensitive actions. These methods help ensure that requests made to a web application are legitimate and initiated by the authenticated user.