Magento is delivering superior security to all of their clients and has been actively investigating the root cause of the reported issue and try to fix for security issue found in the system.
To prevent CSRF attacks for Magento backend you need to enable Add Secret Key to URLs, Out of the box, Magento provides this feature as enabled.
To reduce potential CSRF attacks in Magento 2 do the following steps. Continue reading “Add Secret Key to URLs in Magento 2.”