Description
Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.
Remediation
References
Related Vulnerabilities
WordPress Plugin Multi Plugin Installer Arbitrary File Disclosure (1.1.0)
Oracle Application Server CVE-2006-0289 Vulnerability (CVE-2006-0289)
WordPress Plugin WP SVG Icons Multiple Unspecified Vulnerabilities (3.1.8.1)
Python Other Vulnerability (CVE-2012-2135)
Liferay Portal Deserialization of Untrusted Data Vulnerability (CVE-2019-16891)