Description

Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.

Remediation

References

CVE-2006-1712

Related Vulnerabilities

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.4)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-25476)

Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-5482)

WordPress Plugin FCChat Widget 'path' Parameter Cross-Site Scripting (2.1.7)

MediaWiki Improper Access Control Vulnerability (CVE-2015-8008)

Severity

Low

Classification

CVE-2006-1712

Tags

Missing Update Known Vulnerabilities