Sympa New List Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The remote web server contains a CGI script that is affected by a cross-site scripting vulnerability. Description : According to its version number, the installation of Sympa on the remote host contains an HTML injection vulnerability that may allow a user who has the privileges to create a new list to inject HTML tags in the list description field.

Solution

Update to version 4.1.3 or newer.

References

http://archives.neohapsis.com/archives/bugtraq/2004-08/0293.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2004-1735

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Aardvark Topsites <= 4.2.2 Remote File Inclusion Vulnerability
Apache Tomcat NIO Connector Denial of Service Vulnerability
An Image Gallery Multiple Cross-Site Scripting Vulnerability
Apache Tomcat SecurityConstraints Security Bypass Vulnerability
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability

Take action and discover your vulnerabilities