Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
{ "cwe_ids": [ "CWE-200" ], "nvd_published_at": "2004-08-18T04:00:00Z", "github_reviewed_at": "2023-09-18T22:51:49Z", "github_reviewed": true, "severity": "MODERATE" }