Description
Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name.
Remediation
References
Related Vulnerabilities
MediaWiki CVE-2021-45471 Vulnerability (CVE-2021-45471)
WordPress Plugin YITH WooCommerce Gift Cards Security Bypass (1.3.7)
Oracle Database Server CVE-2024-21233 Vulnerability (CVE-2024-21233)
WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.3)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2006-0553)