CVE-2003-0038

This is a writeup describing a cross-site scripting (XSS) vulnerability in GNU Mailman due to insufficient sanitization of user-supplied data in error pages. The example demonstrates how an attacker could embed malicious script code in a URL to execute arbitrary JavaScript in the context of a victim's browser.

This is a writeup describing a cross-site scripting (XSS) vulnerability in GNU Mailman due to insufficient sanitization of URI parameters. The example demonstrates how an attacker could embed malicious script code in a URL to execute arbitrary JavaScript in the context of a victim's browser.