Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Mailman Improper Input Validation Vulnerability (CVE-2018-13796)

Description

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Remediation

References

Related Vulnerabilities

WordPress Plugin ThinkTwit Cross-Site Scripting (1.7.0)

WordPress Plugin Publish to Schedule Cross-Site Request Forgery (4.4.2)

Oracle JRE CVE-2019-2949 Vulnerability (CVE-2019-2949)

WordPress Plugin WP Editor.md Cross-Site Scripting (1.6)

Varnish Cache Reachable Assertion Vulnerability (CVE-2019-15892)

Severity

Medium

Classification

CVE-2018-13796 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities