Description
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
References (7)
Core 7
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-169.html
Patch, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/242839
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-168.html
Vendor Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2001-170.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/7617
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/3602
Patch, Vendor Advisory vendor-advisory
x_refsource_conectiva
http://www.securityfocus.com/advisories/3721
Scores
EPSS
0.0065
EPSS Percentile
71.1%
Details
Status
published
Products (5)
gnu/mailman
gnu/mailman
5.0
gnu/mailman
5.1
gnu/mailman
6.0
gnu/mailman
7.0
Published
Dec 21, 2001
Tracked Since
Feb 18, 2026