Description

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Remediation

References

CVE-2002-0855

Related Vulnerabilities

WordPress Plugin RK Responsive Contact Form SQL Injection (1.0.0)

WordPress Plugin BetterDocs-Best Documentation & Knowledge Base Cross-Site Scripting (1.8.4)

WordPress Plugin Slideshow Gallery LITE Arbitrary File Upload (1.4.6)

MyBB CVE-2006-0218 Vulnerability (CVE-2006-0218)

WordPress Plugin Appointment Booking Calendar CSV Injection (1.3.34)

Severity

High

Classification

CVE-2002-0855

Tags

Missing Update Known Vulnerabilities