FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mailman -- XSS vulnerability

Affected packages
mailman < 2.1.14_1


VuXML ID 64691c49-4b22-11e0-a226-00e0815b8da8
Discovery 2011-02-13
Entry 2011-03-10

CVE reports:

Multiple cross-site scripting (XSS) vulnerabilities in Cgi/ in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.


CVE Name CVE-2011-0707