Description
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
Remediation
References
Related Vulnerabilities
Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)
Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0218)
Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10899)