Description
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DSA |
DSA-2170-1 | mailman security update |
EUVD |
EUVD-2010-3090 | Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field. |
Ubuntu USN |
USN-1069-1 | Mailman vulnerabilities |
References
History
No history.
Status: PUBLISHED
Assigner: redhat
Published:
Updated: 2024-08-07T02:55:46.792Z
Reserved: 2010-08-20T00:00:00.000Z
Link: CVE-2010-3089
No data.
Status : Modified
Published: 2010-09-15T20:00:02.103
Modified: 2026-06-16T23:22:06.470
Link: CVE-2010-3089
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Debian DSA
EUVD
Ubuntu USN