Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Remediation

References

CVE-2002-0855

Related Vulnerabilities

WordPress Plugin Craw Data Server-Side Request Forgery (1.0.0)

Oracle HTTP Server Uncontrolled Recursion Vulnerability (CVE-2021-42717)

Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793)

WordPress Plugin Add-on SweetAlert Contact Form 7 Unspecified Vulnerability (1.0.7)

Multiple SugarCRM Products Remote Code Execution Vulnerability (CVE-2023-22952)

Severity

High

Classification

CVE-2002-0855

Tags

Missing Update Known Vulnerabilities