[Bug 1614841] Re: CSRF protection needs to be extended to the user options page

Mark Sapiro mark at msapiro.net
Sun Aug 21 15:21:43 EDT 2016


** Description changed:

  There is a possibility of a CSRF attack via the user options page which
- could allow an attacker to discover a user's password.
+ could allow an attacker to discover a user's password.  Reported by
+ Nishant Agarwala.

-- 
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1614841

Title:
  CSRF protection needs to be extended to the user options page

To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1614841/+subscriptions


More information about the Mailman-coders mailing list