Description

Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.

Remediation

References

CVE-2006-1712

Related Vulnerabilities

WordPress Plugin Yoast SEO Cross-Site Scripting (20.2)

phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-6623)

WordPress Plugin nBill Lite PHP Object Injection (3.2.2)

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-6616)

WordPress Plugin Awesome Support-WordPress HelpDesk & Support Cross-Site Scripting (6.0.5)

Severity

Low

Classification

CVE-2006-1712

Tags

Missing Update Known Vulnerabilities