If you design websites that employ user log-on abilities for which you maintain their sessions, you have to become familiar with cross-site request forgery (CSRF) and how to defend against it. It isn’t anything new, but but you see it pop up time and time again. It’s, shall I say, fairly important to your application’s security (and your end-user’s data).

Mario sums up CSRF perfectly - http://www.gnucitizen.org/blog/csrf-demystified