A short link to this page is https://wiki.list.org/x/17891946

Clear message

Unauthorized Domain Deletion


In Postorius releases prior to 1.0.3 the administrative page to delete domains is missing proper protection against unauthorized access. Thus users without administrative rights could potentially access this page and delete domains if they know or guess the url structure.


Update Postorius to version 1.0.3.

Using Pip:

  pip install --upgrade postorius

Or using the tarball on https://pypi.python.org/pypi/postorius