Описание
Important: mailman:2.1 security update
Mailman is a program used to help manage e-mail discussion lists.
Security Fix(es):
- mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover (CVE-2021-44227)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Затронутые продукты
Rocky Linux 8
Связанные CVE
Исправления
- Red Hat - 2026862
Связанные уязвимости
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
In GNU Mailman before 2.1.38, a list member or moderator can get a CSR ...
