CVE-2002-0855

Published: Aug 14, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20020724 cross-site scripting bug of Mailman

mailing-list

x_refsource_BUGTRAQ

http://mail.python.org/pipermail/mailman-announce/2002-July/000043.html

x_refsource_CONFIRM

RHSA-2002:177

vendor-advisory

x_refsource_REDHAT

RHSA-2002:178

vendor-advisory

x_refsource_REDHAT

DSA-147

vendor-advisory

x_refsource_DEBIAN

5298

vdb-entry

x_refsource_BID

RHSA-2002:181

vendor-advisory

x_refsource_REDHAT

RHSA-2002:176

vendor-advisory

x_refsource_REDHAT

mailman-subscription-option-xss(9985)

vdb-entry

x_refsource_XF

CLA-2002:522

vendor-advisory

x_refsource_CONECTIVA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-0855

Description

Affected Products

References