CVE-2003-0038
EPSS 10.6%Mailman Cross-site scripting (XSS) vulnerability
Published: 4/29/2022Modified: 11/28/2024
Also known as:GHSA-82rm-28q9-435pDSA-436DEBIAN-CVE-2003-0038DEBIAN-CVE-2003-0965DEBIAN-CVE-2003-0991
Description
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
Affected packages (2)
- Debian/mailmanfrom 0, < 2.0.11-1woody7
- PyPI/mailmanfrom 0, < 2.1.1
References (8)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2003-0038
- WEBhttp://marc.info/?l=bugtraq&m=104342745916111
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/11152
- WEBhttp://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt
- WEBhttp://www.debian.org/security/2004/dsa-436
- WEBhttp://www.osvdb.org/9205
- WEBhttp://www.securityfocus.com/bid/6677
- WEBhttp://www.securitytracker.com/id?1005987