Comment 8 for bug 1614841

CVE-2011-0707 is not related to this CSRF issue. It references an XSS vulnerability that was fixed in Mailman 2.1.15 and so noted in the changelog of that release at https://launchpad.net/mailman/2.1/2.1.15

CVE-2016-7123 is a new CVE that apparently just acknowledging the CSRF vulnerability in the admin interface that exists in Mailman prior to 2.1.15. See https://bugs.launchpad.net/mailman/+bug/775294