21 Oct 2021
Vulnérabilité CVE-2021-42097 CVE Vulnerability
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). (CVSS:0.0) (Last Update:2021-10-21)
Vulnerability Details : GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover). Publish Date : 2021-10-21 Last Update Date : 2021-10-21 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2021-42097
- References For CVE-2021-42097
| ||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2021-42097There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |