Description
Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.
Remediation
References
Related Vulnerabilities
WordPress Plugin Multiple Domain Cross-Site Scripting (1.0.2)
Django Uncontrolled Resource Consumption Vulnerability (CVE-2021-45115)
WordPress Plugin Football Pool Arbitrary File Upload (2.6.3)
WordPress Plugin User Verification Security Bypass (1.0.93)
WordPress Plugin WP Content Copy Protection & No Right Click Cross-Site Request Forgery (3.1.5)