[SECURITY] [DSA 6257-1] postorius security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6257-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 08, 2026 https://www.debian.org/security/faq -...

Debian dsa-6257 : python3-django-postorius - security update

The remote Debian 12 / 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-6257 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6257-1 [email protected] https://www.debian.org/security/...

mailman-web (>=0.0.5 <=0.0.9) potentially affected by CVE-2026-44742 via postorius (>=1.3.10 <=1.3.13)

postorius PYPI version =1.3.10, =0.0.5, =0.0.9 Source cves: CVE-2026-44742 Source advisory: OSV:GHSA-R7C9-7PJQ-HMM8...

mailman-web (>=0.0.5 <=0.0.9) potentially affected by CVE-2026-44742 via postorius (>=1.3.10 <=1.3.13)

postorius PYPI version =1.3.10, =0.0.5, =0.0.9 Source cves: CVE-2026-44742 Source advisory: SNYK:PYTHON-POSTORIUS-16635974...

Postorius 跨站脚本漏洞

Postorius is an open-source web application developed by GNU Mailman for managing email lists. Versions of Postorius 1.3.13 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from the lack of escaping of HTML in the message titles when these titles were rendere...

Ubuntu 16.04 LTS / 20.04 LTS : Mailman vulnerability (USN-8067-1)

The remote Ubuntu 16.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8067-1 advisory. It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin...

Ubuntu: Security Advisory (USN-8067-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-8067-1 mailman vulnerability

It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSRF attack and set a new admin password or make other changes...

USN-8067-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSRF attack and set a new admin password or make other changes...

MiracleLinux 8 : mailman:2.1 (AXSA:2022-2976:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2976:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token derived from admin password allows...

MiracleLinux 8 : mailman:2.1 (AXSA:2022-2979:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-2979:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 Tenable has extracted the preceding description block directly fr...

MiracleLinux 7 : mailman-2.1.15-30.el7 (AXSA:2020-4558:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4558:01 advisory. mailman: Cross-site scripting vulnerability allows malicious listowners to inject scripts into listinfo pages CVE-2018-0618 mailman: Mishandled URLs...

MiracleLinux 8 : mailman:2.1 mailman (AXSA:2021-1560:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1560:01 advisory. mailman: XSS via file attachments in list archives CVE-2020-12137 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 7 : mailman-2.1.15-30.el7.2 (AXSA:2021-2576:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2576:01 advisory. mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 mailman: CSRF token bypass allows to perform CSRF...

MiracleLinux 3 : mailman-2.1.11-3.3AXS3 (AXBA:2009-202:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXBA:2009-202:01 advisory. - Multiple cross-site scripting XSS vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified...

MiracleLinux 7 : mailman-2.1.15-26.el7.1 (AXSA:2018-2615:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2615:01 advisory. mailman: Cross-site scripting XSS vulnerability in web UI CVE-2018-5950 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : mailman-2.1.12-26.AXS4.3 (AXSA:2018-2616:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2616:01 advisory. mailman: Cross-site scripting XSS vulnerability in web UI CVE-2018-5950 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : mailman-2.1.12-25.AXS4 (AXSA:2015-303:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-303:01 advisory. Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailin...

MiracleLinux 3 : mailman-2.1.11-3.4.AXS3 (AXSA:2011-74:01)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2011-74:01 advisory. Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing...

MiracleLinux 4 : mailman-2.1.12-14.AXS4.2 (AXSA:2011-73:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-73:01 advisory. Mailman is software to help manage email discussion lists, much like Majordomo and Smartmail. Unlike most similar products, Mailman gives each mailing...