Which of the following is the main risk associated with

Solution

Cross-Site Request Forgery (CSRF) attacks occur when an attacker tricks a user into performing unwanted actions on a web application in which they are authenticated. For example, the attacker can craft a malicious request that causes the victim's browser to submit an unauthorized action (such as transferring funds or changing account details) without their knowledge. The key danger is that the victim is still authenticated, and the web application believes the action is legitimate because it comes from the victim's browser. Option B is incorrect because inserting malicious code into a database refers to SQL Injection, not CSRF. Option C is incorrect since data interception during transmission is more related to a Man-in-the-Middle (MitM) attack, not CSRF. Option D is incorrect as overloading the server with traffic is a hallmark of a DDoS attack, not CSRF. Option E is incorrect, though CSRF attacks can sometimes target administrative actions; the main risk is performing unauthorized actions, not specifically gaining admin access.