Lucene search
MitreCVELIST:CVE-2008-3909HistorySep 04, 2008 - 5:00 p.m.
CVE-2008-3909
2008-09-0417:00:00
mitre
www.cve.org
The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.
References
osvdb.org/47906
secunia.com/advisories/31837
secunia.com/advisories/31961
www.debian.org/security/2008/dsa-1640
www.djangoproject.com/weblog/2008/sep/02/security/
www.openwall.com/lists/oss-security/2008/09/03/4
www.vupen.com/english/advisories/2008/2533
bugzilla.redhat.com/show_bug.cgi?id=460966
www.redhat.com/archives/fedora-package-announce/2008-September/msg00091.html
www.redhat.com/archives/fedora-package-announce/2008-September/msg00131.html
Related
cve
cve
CVE-2008-3909
2008-09-04 17:41:00
openvas
openvas
Fedora Update for Django FEDORA-2008-7288
2009-02-17 00:00:00
Fedora Update for Django FEDORA-2008-7288
2009-02-17 00:00:00
Debian: Security Advisory (DSA-1640-1)
2008-09-24 00:00:00
osv
osv
Django cross-site request forgery (CSRF) vulnerability
2022-05-02 00:05:00
PYSEC-2008-2
2008-09-04 17:41:00
python-django - cross site request forgery
2008-09-20 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : python-django (MDVSA-2008:185)
2009-04-23 00:00:00
Fedora 9 : Django-0.96.3-1.fc9 (2008-7672)
2008-09-10 00:00:00
Fedora 8 : Django-0.96.3-1.fc8 (2008-7288)
2008-09-10 00:00:00
ubuntucve
ubuntucve
CVE-2008-3909
2008-09-04 00:00:00
prion
prion
Cross site request forgery (csrf)
2008-09-04 17:41:00
nvd
nvd
CVE-2008-3909
2008-09-04 17:41:00
github
github
Django cross-site request forgery (CSRF) vulnerability
2022-05-02 00:05:00
debiancve
debiancve
CVE-2008-3909
2008-09-04 17:41:00
gitlab
gitlab
Cross-Site Request Forgery (CSRF)
2022-05-02 00:00:00
debian
debian