Description

Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2018-0618

Related Vulnerabilities

Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-4010)

Jenkins Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43044)

Drupal Improper Input Validation Vulnerability (CVE-2007-6299)

ownCloud Resource Management Errors Vulnerability (CVE-2015-6500)

TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-1607)

Severity

Medium

Classification

CVE-2018-0618 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities