A short link to this page is https://wiki.list.org/x/17891946

Clear message

Unauthorized Domain Deletion

Problem

In Postorius releases prior to 1.0.3 the administrative page to delete domains is missing proper protection against unauthorized access. Thus users without administrative rights could potentially access this page and delete domains if they know or guess the url structure.

Resolution

Update Postorius to version 1.0.3.

Using Pip: 

  pip install --upgrade postorius

Or using the tarball on https://pypi.python.org/pypi/postorius