Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

RHSA-2021:4915: Red Hat Security Advisory: mailman:2.1 security update

An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44227: mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover

Red Hat Security Data
#csrf#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes
RHSA-2021:4916: Red Hat Security Advisory: mailman:2.1 security update

An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44227: mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover

CVE-2021-44227: Bug #1952384 “A CSRF vulnerability could allow a list moderator ...” : Bugs : GNU Mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-44227: Bug #1952384 “A CSRF vulnerability could allow a list moderator ...” : Bugs : GNU Mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request (using that token) to set a new admin password or make other changes.

CVE-2021-43137: Offensive Security’s Exploit Database Archive

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.

CVE-2021-43137: Offensive Security’s Exploit Database Archive

Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerability exits in hostel management system 2.1 via the name field in my-profile.php. Chaining to this both vulnerabilities leads to account takeover.

CVE-2021-4015: Fix CSRF issues · firefly-iii/firefly-iii@518b4ba

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

CVE-2021-4017: Cross-Site Request Forgery (CSRF) in showdoc

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

CVE-2021-3993: Cross-Site Request Forgery (CSRF) in showdoc

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

CVE-2021-20851: WordPress Plugin "Browser and Operating System Finder" vulnerable to cross-site request forgery

Cross-site request forgery (CSRF) vulnerability in Browser and Operating System Finder versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of an administrator via unspecified vectors.