AVG-2598 log
Package | mailman |
Status | Fixed |
Severity | Medium |
Type | cross-site request forgery |
Affected | 2.1.37-1 |
Fixed | 2.1.38-1 |
Current | Removed |
Ticket | None |
Created | Thu Dec 2 08:03:07 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-44227 | Medium | Yes | Cross-site request forgery | In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or... |