A CSRF vulnerability could allow a list moderator or list member to access the admin UI

Bug #1952384 reported by Mark Sapiro
Affects: GNU Mailman
Status: Fix Released
Importance: Medium
Assigned to: Mark Sapiro
Milestone: (not set)

Bug Description

A list moderator or list member can potentially carry out a CSRF attack by getting a list admin to visit a crafted web page.

A moderator or list member can get an admindb or options page with a CSRF token and use that token in a crafted POST request to the admin page to change the list admin password or other settings and convince an admin to submit the POST.

Likewise, a list member can do the same with a POST to the admindb page to handle requests.
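The report's core point is that a CSRF token obtained on the options or admindb page is accepted by the admin page. The following is an added example, not Mailman's own code: it puts a token scheme bound only to the list name (the weak design the report describes) next to one that also binds the page context and the submitting user, so a token minted for a lower-privilege page fails verification on the admin page. The function names, the three page contexts, the user names and the secret are all assumptions constructed for the illustration.

```python
import hashlib
import hmac
import time

# Constructed secret for this example only; a real site loads it from configuration.
SITE_SECRET = b"example-site-secret-not-for-real-use"

# Assumed page contexts, named after the pages mentioned in the report (illustrative).
CONTEXTS = ("options", "admindb", "admin")


def _mint(secret, fields, now):
    """Build '<timestamp>:<hmac>' over the given fields plus the timestamp."""
    ts = str(int(time.time() if now is None else now))
    msg = "\0".join(tuple(fields) + (ts,)).encode("utf-8")
    mac = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return ts + ":" + mac


def _check(secret, token, fields, max_age, now):
    """Return True if token is well formed, fresh, and its MAC covers exactly these fields."""
    try:
        ts, mac = token.split(":", 1)
        issued = int(ts)
    except (ValueError, AttributeError):
        return False
    current = time.time() if now is None else now
    if issued > current or current - issued > max_age:
        return False
    msg = "\0".join(tuple(fields) + (ts,)).encode("utf-8")
    expected = hmac.new(secret, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(mac, expected)


# --- Weak design: the token proves only "issued by this site for this list". ---

def make_token_unbound(secret, listname, now=None):
    """Same token value no matter which page (options, admindb, admin) minted it."""
    return _mint(secret, (listname,), now)


def verify_unbound(secret, token, listname, max_age=3600, now=None):
    """Accepts a token from any page and any user, which is the flaw in the report."""
    return _check(secret, token, (listname,), max_age, now)


# --- Hardened design: the token is tied to list, page context and acting user. ---

def make_token_bound(secret, listname, context, user, now=None):
    """Mint a token that is only valid for one list, one page context and one user."""
    if context not in CONTEXTS:
        raise ValueError("unknown context: %r" % (context,))
    return _mint(secret, (listname, context, user), now)


def verify_bound(secret, token, listname, context, user, max_age=3600, now=None):
    """The admin page passes context='admin' and the user of the submitting session,
    so a token minted on admindb or options, or for another user, is rejected."""
    if context not in CONTEXTS:
        return False
    return _check(secret, token, (listname, context, user), max_age, now)


def demo(now=1000):
    """Exercise both designs with a moderator's token replayed against the admin page."""
    weak = make_token_unbound(SITE_SECRET, "mylist", now=now)
    strong = make_token_bound(SITE_SECRET, "mylist", "admindb", "moderator", now=now)
    return {
        # Weak scheme: token from the admindb page verifies on the admin page.
        "unbound_accepts_replay": verify_unbound(SITE_SECRET, weak, "mylist", now=now),
        # Hardened scheme: same replay fails because context and user differ.
        "bound_rejects_replay": not verify_bound(
            SITE_SECRET, strong, "mylist", "admin", "admin", now=now),
        # Hardened scheme still works for the page and user it was minted for.
        "bound_accepts_own_page": verify_bound(
            SITE_SECRET, strong, "mylist", "admindb", "moderator", now=now),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print("%-24s %s" % (name, ok))
```

Binding the token to the page context is what stops the cross-page replay; binding it to the session user additionally stops a token minted for one account from being submitted by another, and the expiry bounds how long a leaked token stays useful.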

Revision history for this message

Mark Sapiro (msapiro): description: updated
Mark Sapiro (msapiro): Changed in mailman: status: In Progress → Fix Released; information type: Private Security → Public Security