Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:44 p.m.7 views

CVE-2021-40347

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...

5.5CVSS6.5AI score0.01176EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/11/30 12:0 a.m.21 views

Ubuntu 18.04 LTS / 20.04 LTS : Postorius vulnerability (USN-5157-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5157-1 advisory. It was discovered that Postorius mishandled specially crafted input. An attacker could use this vulnerability that obtain sensitive information. Tenab...

5.5CVSS5.7AI score0.01176EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2021/09/11 12:0 a.m.11 views

Debian: Security Advisory (DSA-4970-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.6AI score0.01176EPSS
Exploits1References4
OSV
OSV
added 2021/09/10 7:15 p.m.19 views

CVE-2021-40347

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...

5.4CVSS5.2AI score
Exploits0References6
OSV
OSV
added 2021/09/10 7:15 p.m.3 views

UBUNTU-CVE-2021-40347

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...

5.4CVSS6AI score0.01176EPSS
Exploits1References4
CVE
CVE
added 2021/09/10 6:17 p.m.76 views

CVE-2021-40347

The CVE-2021-40347 issue affects GNU Mailman Postorius (views/list.py) for versions before 1.3.5. An authenticated attacker can send a crafted POST request to unsubscribe any user from a mailing list and can reveal whether that address was subscribed. Remediation: upgrade Postorius to 1.3.5 or ne...

5.5CVSS5AI score0.01176EPSS
Exploits1References6Affected Software1
Debian CVE
Debian CVE
added 2021/09/10 6:17 p.m.14 views

CVE-2021-40347

An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...

5.5CVSS5.1AI score0.01176EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2021/09/10 12:0 a.m.28 views

Debian DSA-4970-1 : postorius - security update

The remote Debian 10 / 11 host has a package installed that is affected by a vulnerability as referenced in the dsa-4970 advisory. Kevin Israel discovered that Postorius, the administrative web frontend for Mailman 3, didn't validate whether a logged-in user owns the email address when...

5.5CVSS5.6AI score0.01176EPSS
Exploits1References6
Debian
Debian
added 2021/09/09 5:52 p.m.41 views

[SECURITY] [DSA 4970-1] postorius security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4970-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 09, 2021 https://www.debian.org/security/faq -...

5.5CVSS5.3AI score0.01176EPSS
Exploits1
Rows per page
Query Builder