Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting a custom administration login flavor and/or hiding the administration link is not useful security #1170

Open
justingit opened this issue Aug 27, 2023 · 0 comments
Open

Setting a custom administration login flavor and/or hiding the administration link is not useful security #1170

justingit opened this issue Aug 27, 2023 · 0 comments
Labels
bug recreated

Comments

@justingit
Copy link
Owner

Anyone can access the login screen for the list control panel just by trying to visit any list control panel screen. For example, if you are not logged in, and you visit:

https://example.cgi/dada/mail.cgi?f=send_email

you'll be presented with a login screen.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug recreated
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@justingit