In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.
Max CVSS
8.8
EPSS Score
0.11%
Published
2021-12-02
Updated
2022-12-09
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
Max CVSS
6.5
EPSS Score
0.11%
Published
2021-11-12
Updated
2022-12-09
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).
Max CVSS
8.5
EPSS Score
0.26%
Published
2021-10-21
Updated
2021-11-05
Cross-site request forgery (CSRF) vulnerability in the admin web interface in GNU Mailman before 2.1.15 allows remote attackers to hijack the authentication of administrators.
Max CVSS
8.8
EPSS Score
0.16%
Published
2016-09-02
Updated
2017-07-29
Cross-site request forgery (CSRF) vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's account.
Max CVSS
8.8
EPSS Score
0.23%
Published
2016-09-02
Updated
2017-08-13
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!