Описание
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | needs-triage | |
| esm-infra/bionic | needs-triage | |
| esm-infra/xenial | needs-triage | |
| focal | ignored | end of standard support, was needs-triage |
| jammy | DNE | |
| noble | DNE | |
| oracular | DNE | |
| plucky | DNE | |
| questing | DNE |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used.
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthentic ...
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint.
Уязвимость пакета управления рассылками электронных писем GNU Mailman, связанная с недостатками механизма авторизации, позволяющая нарушителю создавать произвольные файлы
EPSS
5.3 Medium
CVSS3