Description

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Remediation

References

CVE-2018-13796

Related Vulnerabilities

Ruby Improper Input Validation Vulnerability (CVE-2015-1855)

WordPress Plugin AVH Extended Categories Widgets SQL Injection (4.0.0)

WordPress Plugin Gallery-Flagallery Photo Portfolio SQL Injection and Information Disclosure Vulnerabilities (0.59)

MySQL CVE-2020-2926 Vulnerability (CVE-2020-2926)

WordPress Plugin Church Admin Cross-Site Scripting (0.800)

Severity

Medium

Classification

CVE-2018-13796 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities