Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Remediation

References

CVE-2002-0855

Related Vulnerabilities

Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2019-19343)

Oracle Database Server CVE-2011-2322 Vulnerability (CVE-2011-2322)

Liferay DXP Origin Validation Error Vulnerability (CVE-2022-25146)

OpenSSL Other Vulnerability (CVE-2015-0208)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2356)

Severity

High

Classification

CVE-2002-0855

Tags

Missing Update Known Vulnerabilities