id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
5292	CsrfMiddleware does not protect from forged POST request with no data	Jakub Wilk <django@…>	Adrian Holovaty	django.contrib.csrf.!CrsfMiddleware permits any POST request with no data. This is entirely wrong.		closed	Contrib apps	dev		fixed			Ready for checkin	1	0	0	0	0	0