[Bug 1614841] Re: CSRF protection needs to be extended to the user options page

Mark Sapiro mark at msapiro.net
Tue Aug 23 16:43:08 EDT 2016


> What versions?

All Mailman 2.1.x prior to 2.1.23. However, versions older than 2.1.15
are also vulnerable to CSRF attacks on the admin web interface.

-- 
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1614841

Title:
  CSRF protection needs to be extended to the user options page

To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1614841/+subscriptions


More information about the Mailman-coders mailing list