FreeBSD VuXML

Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Security issues that affect the FreeBSD operating system or applications in the FreeBSD Ports Collection are documented using the Vulnerabilities and Exposures Markup Language (VuXML). The current VuXML document that serves as the source for the content of this site can be found:

Please report security issues to the FreeBSD Security Team at . Full contact details, including information handling policies and PGP key, can be found on the FreeBSD Security page.

mailman


Entered Topic
2021-12-01 mailman < 2.1.38 -- CSRF vulnerability of list mod or member against list admin page
2021-11-13 mailman -- 2.1.37 fixes XSS via user options, and moderator offline brute-force vuln against list admin password
2021-10-20 mailman -- brute-force vuln on list admin password, and CSRF vuln in releases before 2.1.35
2020-05-07 mailman -- arbitrary content injection vulnerability via options or private archive login pages
2018-07-31 mailman -- content spoofing with invalid list names in web UI
2018-06-25 mailman -- hardening against malicious listowners injecting evil HTML scripts
2018-02-08 Mailman -- Cross-site scripting (XSS) vulnerability in the web UI
2016-09-06 mailman -- CSRF hardening in parts of the web interface
2016-08-29 mailman -- CSRF protection enhancements
2015-04-09 mailman -- path traversal vulnerability
2011-03-10 mailman -- XSS vulnerability
2010-11-03 Mailman -- cross-site scripting in web interface
2008-04-25 mailman -- script insertion vulnerability
2006-09-04 mailman -- Multiple Vulnerabilities
2006-04-16 mailman -- Private Archive Script Cross-Site Scripting
2005-06-01 mailman -- generated passwords are poor quality
mailman -- password disclosure
2005-02-12 mailman -- directory traversal vulnerability
2004-02-25 mailman denial-of-service vulnerability in MailCommandHandler
mailman XSS in admin script
mailman XSS in create script
mailman XSS in user options page