CVE-2018-13796

Опубликовано: 12 июл. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Низкий

Описание

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Ссылки

https://bugs.launchpad.net/mailman/+bug/1780874
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00034.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201904-10
Third Party Advisory
https://usn.ubuntu.com/4348-1/
https://www.mail-archive.com/mailman-users%40python.org/msg71003.html
https://bugs.launchpad.net/mailman/+bug/1780874
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/07/msg00034.html
Mailing List
Third Party Advisory
https://security.gentoo.org/glsa/201904-10
Third Party Advisory
https://usn.ubuntu.com/4348-1/
https://www.mail-archive.com/mailman-users%40python.org/msg71003.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gnu:mailman:*:*:*:*:*:*:*:*

Версия до 2.1.28 (исключая)

EPSS

Процентиль: 64%

0.00478

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2018-13796

CVSS3: 6.5

ubuntu

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

CVE-2018-13796

CVSS3: 4.3

redhat

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

CVE-2018-13796

CVSS3: 6.5

debian

больше 7 лет назад

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL ca ...

openSUSE-SU-2018:2309-1

suse-cvrf

больше 7 лет назад

Security update for mailman

GHSA-xqvg-xm9m-p2c4

CVSS3: 6.5

github

больше 7 лет назад

Moderate severity vulnerability that affects mailman

EPSS

Процентиль: 64%

0.00478

Низкий

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-20