Share:

CVE-2021-44227 - Gnu Mailman

December 2, 2021

Critical 8.8

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

Affected software

Gnu Mailman

Reference links

https://bugs.launchpad.net/mailman/+bug/1952384

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.