State of Software Security Flaw Frequency by Language [pdf]

Pretty light on details and to get the full report you have to give them your email.

At some point the flaws seem correlated to libraries and not the language. Like in python the common security flaws are CSRF and XSS. Both these should be by default prevented in django, so one wonders what web library these apps use, or if there are problems in django that makes it too easy to bypass the security features.