Description

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Remediation

References

CVE-2018-13796

Related Vulnerabilities

WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.3.0)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-37389)

IBM RTC Improper Restriction of XML External Entity Reference Vulnerability (CVE-2016-0219)

MySQL CVE-2024-21127 Vulnerability (CVE-2024-21127)

WordPress 2.8.3 Admin Password Reset Security Bypass Vulnerability (0.6.2 - 2.8.3)

Severity

Medium

Classification

CVE-2018-13796 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities