Description
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.
Remediation
References
Related Vulnerabilities
WordPress Plugin Bitcoin/Altcoin Faucet Cross-Site Request Forgery (1.6.0)
WordPress Plugin WooCommerce-Store Toolkit Privilege Escalation (1.5.7)
MySQL CVE-2020-14846 Vulnerability (CVE-2020-14846)
Joomla! Core 1.5.x Multiple Vulnerabilities (1.5.0 - 1.5.9)
Liferay DXP Incorrect Default Permissions Vulnerability (CVE-2021-38268)