openSUSE-SU-2018:0800-1

Опубликовано: 23 мар. 2018

Источник: suse-cvrf

Описание

Security update for mailman

This update for mailman fixes the following issues:

Security issue fixed:

CVE-2018-5950: Fixed XSS vulnerability via crafted URL that could allow arbitrary javascript execution inside the user's browser (boo#1077358).

Список пакетов

openSUSE Leap 42.3

mailman-2.1.26-2.3.1

Ссылки

https://lists.opensuse.org/opensuse-updates/2018-03/msg00090.html
E-Mail link for openSUSE-SU-2018:0800-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

Затронутые продукты

openSUSE Leap 42.3:mailman-2.1.26-2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-5950.html
CVE-2018-5950
https://bugzilla.suse.com/1077358
SUSE Bug 1077358

openSUSE-SU-2018:0800-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-5950

Описание

Затронутые продукты

Ссылки