Description
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
Remediation
References
Related Vulnerabilities
MySQL CVE-2017-10284 Vulnerability (CVE-2017-10284)
WordPress Plugin Buddypress Xprofile Custom Fields Type Arbitrary File Deletion (2.6.3)
WordPress Plugin O2Tweet Cross-Site Request Forgery (0.0.4)
WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.12)
WordPress Plugin Zielke Specialized Catalog Arbitrary File Upload (3.0.7)