CVE-2018-13796

描述

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

受影響套件(1)

• PyPI/mailmanfrom 0, < 2.1.28

CVSS 分數

參考連結(7)

• ADVISORYhttps://github.com/advisories/GHSA-xqvg-xm9m-p2c4
• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2018-13796
• WEBhttps://bugs.launchpad.net/mailman/+bug/1780874
• WEBhttps://lists.debian.org/debian-lts-announce/2018/07/msg00034.html
• WEBhttps://security.gentoo.org/glsa/201904-10
• WEBhttps://usn.ubuntu.com/4348-1
• WEBhttps://www.mail-archive.com/[email protected]/msg71003.html