ID | CVE-2008-3909 | ||||||
Sažetak | The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:M/Au:N/C:N/I:P/A:P | ||||||
Zadnje važnije ažuriranje | 08-03-2011 - 03:11 | ||||||
Objavljeno | 04-09-2008 - 17:41 |