Описание
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
Релиз | Статус | Примечание |
---|---|---|
bionic | released | 1:2.1.26-1ubuntu0.4 |
esm-apps/focal | released | 1:2.1.29-1ubuntu3.1 |
esm-infra/bionic | not-affected | 1:2.1.26-1ubuntu0.4 |
esm-infra/xenial | released | 1:2.1.20-1ubuntu0.6+esm1 |
focal | released | 1:2.1.29-1ubuntu3.1 |
upstream | released | 2.1.35 |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A cer ...
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
EPSS
4 Medium
CVSS2
4.3 Medium
CVSS3