Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-40347

Опубликовано: 10 сент. 2021
Источник: ubuntu
Приоритет: medium
CVSS2: 5.5
CVSS3: 5.4

Описание

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place.

РелизСтатусПримечание
bionic

released

1.1.2-3ubuntu0.1
devel

released

1.3.5-1
esm-apps/bionic

released

1.1.2-3ubuntu0.1
esm-apps/focal

released

1.2.4-1ubuntu0.1
esm-apps/jammy

released

1.3.5-1
esm-infra-legacy/trusty

DNE

focal

released

1.2.4-1ubuntu0.1
hirsute

released

1.3.4-1ubuntu0.1
impish

released

1.3.4-2ubuntu0.1
jammy

released

1.3.5-1

Показывать по

Ссылки на источники

5.5 Medium

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2021-40347

CVSS3: 5.4
nvd
больше 4 лет назад

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place.

debian логотип

CVE-2021-40347

CVSS3: 5.4
debian
больше 4 лет назад

An issue was discovered in views/list.py in GNU Mailman Postorius befo ...

github логотип

GHSA-v83x-78q3-gr2j

CVSS3: 5.4
github
больше 3 лет назад

GNU Mailman Postorius Access Control Issues

5.5 Medium

CVSS2

5.4 Medium

CVSS3