** Description changed: There is a possibility of a CSRF attack via the user options page which - could allow an attacker to discover a user's password. + could allow an attacker to discover a user's password. Reported by + Nishant Agarwala.
-- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1614841 Title: CSRF protection needs to be extended to the user options page To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1614841/+subscriptions _______________________________________________ Mailman-coders mailing list [email protected] https://mail.python.org/mailman/listinfo/mailman-coders
