Description
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
Affected products
- gnu / Mailman
- gnu / Mailman5.0 – 5.0
- gnu / Mailman5.1 – 5.1
- gnu / Mailman6.0 – 6.0
- gnu / Mailman7.0 – 7.0
References
- MISChttp://www.redhat.com/support/errata/RHSA-2001-169.html
- MISChttp://www.securityfocus.com/archive/1/242839
- MISChttp://www.redhat.com/support/errata/RHSA-2001-168.html
- MISChttp://www.redhat.com/support/errata/RHSA-2001-170.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/7617
- MISChttp://www.securityfocus.com/bid/3602
- VENDOR_ADVISORYhttp://www.securityfocus.com/advisories/3721