Описание
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | mailman | Will not fix | ||
| Red Hat Enterprise Linux 6 | mailman | Will not fix | ||
| Red Hat Enterprise Linux 8 | mailman | Not affected | ||
| Red Hat Enterprise Linux 7 | mailman | Fixed | RHSA-2020:1054 | 31.03.2020 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-345
https://bugzilla.redhat.com/show_bug.cgi?id=1609090mailman: Mishandled URLs in Utils.py:GetPathPieces() allows attackers to display arbitrary text on trusted sites
EPSS
Процентиль: 64%
0.00478
Низкий
4.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.5
ubuntu
больше 7 лет назад
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
CVSS3: 6.5
nvd
больше 7 лет назад
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
CVSS3: 6.5
debian
больше 7 лет назад
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL ca ...
CVSS3: 6.5
github
больше 7 лет назад
Moderate severity vulnerability that affects mailman
EPSS
Процентиль: 64%
0.00478
Низкий
4.3 Medium
CVSS3