CESA-2021:4913 -- centos 7 mailman
ID: oval:org.secpod.oval:def:205921 | Date: (C)2021-12-22 (M)2023-12-20 |
Class: PATCH | Family: unix |
Mailman is a program used to help manage e-mail discussion lists.

Security Fix:
* mailman: CSRF token bypass allows to perform CSRF attacks and account takeover
* mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover
* mailman: CSRF protection missing in the user options page

For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.