CVE-2015-1306

EPSS 0.58%

sympa - security update

Published: 1/22/2015Modified: 4/28/2026

Description

The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.

Affected packages (3)

Debian/sympafrom 0, < 6.1.23~dfsg-2
Debian/sympafrom 0, < 6.0.1+dfsg-4+squeeze3
Debian/sympafrom 0, < 6.1.11~dfsg-5+deb7u2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1306