Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2008-3909

Опубликовано: 04 сент. 2008
Источник: debian

Описание

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
python-djangofixed1.0-1package

Примечания

  • http://www.djangoproject.com/weblog/2008/sep/02/security/

Связанные уязвимости

ubuntu логотип

CVE-2008-3909

ubuntu
больше 17 лет назад

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.

nvd логотип

CVE-2008-3909

nvd
больше 17 лет назад

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.

github логотип

GHSA-r5cj-wv24-92p5

CVSS3: 7.5
github
почти 4 года назад

Django cross-site request forgery (CSRF) vulnerability