CVE-2021-44227: Bug #1952384 “A CSRF vulnerability could allow a list moderator ...” : Bugs : GNU Mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

A CSRF vulnerability could allow a list moderator or list member to access the admin UI

Bug #1952384 reported by Mark Sapiro on 2021-11-26

Affects: GNU Mailman
Status: Fix Released
Importance: Medium
Assigned to: Mark Sapiro
Milestone: GNU Mailman 2.1.38


Filed here by: Mark Sapiro
When: 2021-11-26
Confirmed: 2021-11-26
Assigned: 2021-11-26
Started work: 2021-11-26
Completed: 2021-11-30


Bug Description

A list moderator or list member can potentially carry out a CSRF attack by getting a list admin to visit a crafted web page.

A moderator or list member can obtain an admindb or options page containing a CSRF token, use that token in a crafted POST request to the admin page that changes the list admin password or other settings, and convince an admin to submit that POST.

Likewise, a list member can do the same with a POST to the admindb page to handle requests.
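The root cause described above is a CSRF token that is accepted regardless of which page and which role it was issued for. The following added example (not Mailman's own code; the token format, list name and role names are hypothetical) shows the mitigation: an HMAC token bound to the list, the issuing role and the protected page, with the admin handler verifying it against the role of the authenticated session rather than anything in the submitted form.

```python
import hashlib
import hmac
import secrets
import time

# Constructed server-side secret for this example only; a real deployment
# would load a per-installation secret from its configuration.
SECRET_KEY = b"constructed-example-secret"
TOKEN_TTL = 3600  # seconds a token stays valid


def _mac(listname, role, page, ts, nonce):
    msg = f"{listname}:{role}:{page}:{ts}:{nonce}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(listname, role, page, now=None):
    """Mint a CSRF token bound to the list, the caller's role and the page
    whose form it protects. The binding is the point: a token handed to a
    moderator on the admindb page must not verify on the admin page."""
    ts = int(time.time() if now is None else now)
    nonce = secrets.token_hex(8)
    return f"{ts}:{nonce}:{_mac(listname, role, page, ts, nonce)}"


def verify_token(token, listname, role, page, now=None):
    """Check a submitted token against the role taken from the session and
    the page that is handling the POST; reject malformed or expired tokens."""
    try:
        ts_s, nonce, mac = token.split(":")
        ts = int(ts_s)
    except ValueError:
        return False
    current = time.time() if now is None else now
    if ts + TOKEN_TTL < current:
        return False  # expired
    return hmac.compare_digest(mac, _mac(listname, role, page, ts, nonce))


def handle_admin_post(token, listname, session_role, now=None):
    """Admin page handler: accept a settings change only when the session is
    an admin AND the token was issued to an admin for the admin page, so a
    token lifted from admindb or options by a moderator or member fails."""
    if session_role != "admin":
        return False
    return verify_token(token, listname, "admin", "admin", now=now)
```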
