Public bug reported:
The hardening of the web admin interface against CSRF attacks which was
introduced in Mailman 2.1.15 did not take into account listnames that
contain a '+' character and confuses it with a derlimiter causing the
check to fail.
** Affects: mailman
Importance: High
Assignee: Mark Sapiro (msapiro)
Status: In Progress
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1190802
Title:
admin interface CSRF check fails if listname contains '+'
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1190802/+subscriptions
_______________________________________________
Mailman-coders mailing list
[email protected]
http://mail.python.org/mailman/listinfo/mailman-coders
