Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
{ "affected_functions": [ "" ] }