ELSA-2018-0505

Опубликовано: 13 мар. 2018

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2018-0505: mailman security update (MODERATE)

[3:2.1.15-26.1]

Related: #1545974 - Add import regular expression module

[3:2.1.15-26]

Related: #1545974 - Bump release to make it higher than 7.5

[3:2.1.15-24.2]

Resolves: #1545974 - Add sanitizer to mitigate XSS injection

[3:2.1.15-24.1]

Resolves: #1545974 - Fix XSS vulnerability in web UI

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

mailman

2.1.15-26.el7_4.1

Oracle Linux x86_64

mailman

2.1.15-26.el7_4.1

Связанные CVE

CVE-2018-5950

Ссылки на источники

Связанные уязвимости

CVE-2018-5950

CVSS3: 6.1

ubuntu

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

redhat

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

nvd

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5950

CVSS3: 6.1

debian

больше 7 лет назад

Cross-site scripting (XSS) vulnerability in the web UI in Mailman befo ...

openSUSE-SU-2018:0800-1

suse-cvrf

около 7 лет назад

Security update for mailman