*** This bug is a security vulnerability *** Private security bug reported: A valid `csrf_token` generated for one user session can be considered valid for another user session. This allows an attacker to generate a token which they can engineer another user, with an active session, to send to the server to execute the commands specified by the attacker whilst authenticated as the victim. Theoretically this could allow account take over. Thanks to Andre Protas, Richard Cloke and Andy Nuttall of Apple for reporting these and helping with the development of a fix. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: In Progress ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-42097 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1947640 Title: Potential CSRF attack via the user options page. To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1947640/+subscriptions