ELSA-2018-0504

Опубликовано: 13 мар. 2018

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2018-0504: mailman security update (MODERATE)

[3:2.1.12-26.3]

Related: #1545967 - Add missed import

[3:2.1.12-26.2]

Resolves: #1545967 - Fix XSS vulnerability in web UI. Add sanitizer

[3:2.1.12-26.1]

Resolves: #1545967 - Fix XSS vulnerability in web UI

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

mailman

2.1.12-26.el6_9.3

Oracle Linux i686

mailman

2.1.12-26.el6_9.3

Связанные CVE

CVE-2018-5950

Ссылки на источники

Связанные уязвимости

CVE-2018-5950

CVSS3: 6.1

ubuntu

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

redhat

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

nvd

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

debian

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman befo ...

openSUSE-SU-2018:0800-1

suse-cvrf

около 7 лет назад

Security update for mailman