Multiple Cross-Site Scripting Vulnerabilities in Mailman by Python Software Foundation
CVE-2006-3636

Currently unrated

Key Information:

Vendor

Gnu
Status
Mailman
Vendor
CVE Published:
6 September 2006

What is CVE-2006-3636?

Mailman, an email discussion and newsletter management software, is susceptible to multiple cross-site scripting vulnerabilities. These flaws allow remote attackers to inject arbitrary web scripts or HTML into affected installations of Mailman before version 2.1.9rc1. This injection can occur through unspecified vectors, potentially compromising the security of users who interact with maliciously crafted content. Administrators are advised to apply necessary updates and configure their installations securely to mitigate these risks.

References

http://www.vupen.com/english/advisories/2006/3446
vdb-entryx_refsource_VUPEN
http://www.debian.org/security/2006/dsa-1188
vendor-advisoryx_refsource_DEBIAN
http://mail.python.org/pipermail/mailman-announce/2006-Se...
mailing-listx_refsource_MLIST

EPSS Score

22% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.