Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Remediation

References

CVE-2002-0855

Related Vulnerabilities

WordPress Plugin Track That Stat 'data' Parameter Cross-Site Scripting (1.0.8)

Masa CMS Incorrect Authorization Vulnerability (CVE-2022-47002)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Unspecified Vulnerability (3.1.6)

Jboss EAP Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)

phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)

Severity

High

Classification

CVE-2002-0855

Tags

Missing Update Known Vulnerabilities