My Mailman 2.1.12 server was flagged with a low-risk vulnerability:
42057 Web Server Allows Password Auto-Completion
and I cannot tell from the description what URLs have this
vulnerability, nor do I know how to correct it. I know little
about apache. One Google search at this URL
Barry Finkel wrote:
Am I correct in assuming that in order to fix this, I would have to
go to directory
/etc/mailman/en
and modify these HTML files that contain the string password:
admlogin.htmlcontains FORM METHOD=POST ACTION=%(path)s
listinfo.htmlcontains
