FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page

Affected packages
mailman < 2.1.38
mailman-exim4 < 2.1.38
mailman-exim4-with-htdig < 2.1.38
mailman-postfix < 2.1.38
mailman-postfix-with-htdig < 2.1.38
mailman-with-htdig < 2.1.38


VuXML ID 0d6efbe3-52d9-11ec-9472-e3667ed6088e
Discovery 2021-11-25
Entry 2021-12-01

Mark Sapiro reports:

A list moderator or list member can potentially carry out a CSRF attack by getting a list admin to visit a crafted web page.


CVE Name CVE-2021-44227