AVG-2598 log
| Package | mailman |
| Status | Fixed |
| Severity | Medium |
| Type | cross-site request forgery |
| Affected | 2.1.37-1 |
| Fixed | 2.1.38-1 |
| Current | Removed |
| Ticket | None |
| Created | Thu Dec 2 08:03:07 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-44227 | Medium | Yes | Cross-site request forgery | In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or... |