Description

Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.

Remediation

References

CVE-2003-0992

Related Vulnerabilities

Drupal Core 4.7.x Form Action Attribute Injection (4.7.0 - 4.7.3)

Coppermine Multiple Cross-site Scripting (XSS) Vulnerabilities (CVE-2015-6528)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-0218)

Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2018-10899)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-20519)

Severity

Medium

Classification

CVE-2003-0992

Tags

Missing Update Known Vulnerabilities