Description
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password.
Remediation
References