CVE-2021-44227 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Cross-site request forgery |
Description | In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2598 | mailman | 2.1.37-1 | 2.1.38-1 | Medium | Fixed |