A CSRF vulnerability in the admin web interface in GNU Mailman before 2.1.15 was found, allowing remote attackers to hijack the authentication of administrators. Upstream bug: https://bugs.launchpad.net/mailman/+bug/1614841
Upstream bug: https://bugs.launchpad.net/mailman/+bug/775294