Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"Mailman 2.1 security release"
CVE-2021-42096 could allow a list member to discover the list admin password.
CVE-2021-42097 could allow a list member to create a successful CSRF attack against another list member enabling takeover of the members account.
VG
Bernd
[0] https://mail.python.org/archives/list/mailman-announce@python.org/thread/IKC...
rwth-security@lists.rwth-aachen.de