Description

Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2018-0618

Related Vulnerabilities

ownCloud Files or Directories Accessible to External Parties Vulnerability (CVE-2015-4715)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0129)

WordPress Plugin Jigoshop Multiple Unspecified Vulnerabilities (1.17.13)

Moodle Improper Input Validation Vulnerability (CVE-2020-10738)

Joomla Improper Privilege Management Vulnerability (CVE-2012-1563)

Severity

Medium

Classification

CVE-2018-0618 CWE-707 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities