Описание
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.1.5-9ubuntu4.4 |
| devel | released | 1:2.1.14-1 |
| hardy | released | 1:2.1.9-9ubuntu1.4 |
| karmic | released | 1:2.1.12-2ubuntu0.2 |
| lucid | released | 1:2.1.13-1ubuntu0.2 |
| maverick | released | 1:2.1.13-4ubuntu0.2 |
| upstream | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py ...
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
EPSS
4.3 Medium
CVSS2