*** This bug is a security vulnerability ***
Private security bug reported:
A list moderator or list member can potentially carry out a CSRF attach
by getting a list admin to visit a crafted web page
** Affects: mailman
Importance: Medium
Assignee: Mark Sapiro (msapiro)
Status: In Progress
** Patch added: "Patch to fix this issue."
https://bugs.launchpad.net/bugs/1952384/+attachment/5543451/+files/patch.txt
--
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1952384
Title:
A CSRF vulnerability could allow a list moderator or list member to
access the admin UI
To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1952384/+subscriptions
_______________________________________________
Mailman-coders mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/mailman-coders.python.org/
Member address: [email protected]
