CSRF is a security vulnerability where an attacker can induce legitimate users to perform unwarranted actions without their knowledge. Legit users usually authenticate themselves before accessing backend applications and maintain their sessions using the session cookie provided by the application.
Users use these session cookies to access their session. CSRF attackers can take advantage of users' active sessions and induce users to send requests in the background without the users knowing about it through clickbait.
For more information on CSRF protection through Avi Load Balancer, see CSRF Protection.