Ok, I try to explain why and when this message appears:
In simple words a CSRF attack means that someone else uses your form in order to execute commands in your context without your knowledge.
en.wikipedia.org/wiki/Cross-site_request_forgery
To prevent this the web app (here uddeIM) creates a random number that is delivered within the form. Only the correct user can fill in the form and send it back, a different user with the wrong number will raise a "CSRF attack" error.
The problem is that when a user uses the back button the session which stores the number on server side is also destroyed, so that uddeIM cannot verify the correctness of the number and raises the error. Also when a user does not allow cookies or uses a web washer, this error may appear.
Since I have not heard that a uddeIM site was used for a CSRF attack before it is ok to switch the protection of. I added it because of a request of a very major site which could be used for such an attack.