Cross site Request Forgery is a significant security risk that violates the integrity of the instance data. An attacker can launch the CSRF attack on any instance user by abusing the application's trust on the instance user. With the help of social engineering attacks, a user can submit a malformed request on behalf of the attacker on the instance.
Set the system property "glide.security.use_csrf_token" to true to enable an extra validation step before the instance user submits a write request to the instance.
Time to fix
This rule is linked to Common Weakness Enumeration CWE-150 Improper Neutralization of Escape.