Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Remediation

References

CVE-2002-0855

Related Vulnerabilities

WordPress Plugin WP Symposium Open Redirect (13.12)

PHP Other Vulnerability (CVE-2005-3054)

PostgreSQL Improper Access Control Vulnerability (CVE-2019-10127)

WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10)

WordPress Plugin Parsi Date Cross-Site Scripting (4.0.1)

Severity

High

Classification

CVE-2002-0855

Tags

Missing Update Known Vulnerabilities