Somewhat like an opportunistic attack: the attacker creates a link and exposes it to a user. If the user clicks on the link while they happen to be logged into that website, and the link carries commands for the site to execute, the attacker can make the user unwittingly send the attacker's commands to the server.

Exploits the trust that remote sites have in the user's system to execute commands on the user's behalf.

Some measures could include creating secure queries, such as ones that carry a nonce or are unique in some other way, or ensuring the referrer's URL is only accepted when it comes from within the site's own domain.
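
The two measures above as server-side checks, added here as an example (not from the original notes): a per-session nonce that an attacker-built link cannot contain, plus a referrer check against the site's own domain. `SERVER_KEY`, `OWN_HOST`, the `token` parameter and the function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)  # assumption: secret known only to the server
OWN_HOST = "bank.example"             # assumption: the site's own domain


def _mac(session_id, nonce):
    # Bind the nonce to one session (session ids are assumed server-generated).
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id):
    """Return 'nonce.mac' to embed in the site's own forms and links."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_ok(session_id, token):
    """True only if the token was issued by this server for this session."""
    nonce, sep, mac_hex = (token or "").partition(".")
    if not sep:
        return False
    expected = _mac(session_id, nonce)
    # Compare as bytes in constant time; the input is attacker-controlled.
    return hmac.compare_digest(expected.encode(), mac_hex.encode())


def referrer_ok(referer):
    """Accept only a Referer whose host is exactly the site's own domain."""
    if not referer:
        return False  # strict policy: a missing Referer is not trusted
    try:
        parts = urlsplit(referer)
    except ValueError:
        return False  # malformed URL
    return parts.scheme == "https" and parts.hostname == OWN_HOST


def allow_command(session_id, headers, params):
    """Gate for any request that makes the server act for the user."""
    return (referrer_ok(headers.get("Referer"))
            and token_ok(session_id, params.get("token", "")))
```

The session cookie alone is not enough to pass `allow_command`, which is the point: the browser attaches the cookie automatically, but the nonce has to come from a page the site itself served.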