This will sometimes be seen after a browser session has timed out to the appliance. You will see the following pop-up:
The WebUI is vulnerable to cross site request forgery (CSRF). A remote attacker can gain access to the WebUI by persuading an administrator to visit a malicious website using spear phishing emails or other social engineering techniques. If the administrator is already authenticated to the SSL Visibility appliance, the remote attacker can use the existing session to perform actions as the administrator without the administrator’s knowledge. More details are available via Security Advisories ID: SA96.
As a workaround, the user is required to close the browser and start a fresh browser session.