VYPR
High severityNVD Advisory· Published Sep 4, 2008· Updated Jun 16, 2026

CVE-2008-3909

CVE-2008-3909

Description

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 0.91.0, < 0.91.30.91.3
DjangoPyPI
>= 0.95.0, < 0.95.40.95.4
DjangoPyPI
>= 0.96.0, < 0.96.30.96.3

Affected products

2

Patches

Vulnerability mechanics

References

17

News mentions

0

No linked articles in our index yet.