Count: 9

Vulnerability | CVSS | EPSS | Published
---|---|---|---
GHSA-vj65-f4hc-r425 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | | 1% Low | about 3 years ago
CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Low | more than 3 years ago
CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Low | more than 3 years ago
CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). | CVSS3: 8 | 1% Low | more than 3 years ago
CVE-2021-42097 GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csr ... | CVSS3: 8 | 1% Low | more than 3 years ago
openSUSE-SU-2021:1436-1 Security update for mailman | | | more than 3 years ago
RLSA-2021:4826 Important: mailman:2.1 security update | | | more than 3 years ago
ELSA-2021-4826 ELSA-2021-4826: mailman:2.1 security update (IMPORTANT) | | | more than 3 years ago
ELSA-2021-4913 ELSA-2021-4913: mailman security update (IMPORTANT) | | | more than 3 years ago