diff --git a/changelog.d/3157.security.md b/changelog.d/3157.security.md
new file mode 100644
index 0000000000..ef8cd2e57c
--- /dev/null
+++ b/changelog.d/3157.security.md
@@ -0,0 +1 @@
+Ensure that CSRF token info is included when reusing NAV's form templates. This means that flat_form.html and _form_content.html templates will always include a hidden CSRF token input regardless of which form method is set.
diff --git a/python/nav/web/templates/custom_crispy_templates/_form_content.html b/python/nav/web/templates/custom_crispy_templates/_form_content.html
index aa163528d2..b2e5cc6658 100644
--- a/python/nav/web/templates/custom_crispy_templates/_form_content.html
+++ b/python/nav/web/templates/custom_crispy_templates/_form_content.html
@@ -1,9 +1,7 @@
 {# NB! This template can be used directly (without form template wrapper) for cases where form.helper.form_tag is set to False. #}
 {% load forms %}
-{% if form.attrs.method|lower == 'post' %}
- {% csrf_token %}
-{% endif %}
+{% csrf_token %}
 {% include 'foundation-5/errors.html' %}