CVE-2010-3089

Currently unrated

Key Information:

Vendor: Gnu
Status: Mailman
Vendor: CVE Published:; 15 September 2010

Summary

Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field.

References

http://marc.info/?l=oss-security&m=128438736513097&w=2

mailing-listx_refsource_MLIST

http://www.redhat.com/support/errata/RHSA-2011-0307.html

vendor-advisoryx_refsource_REDHAT

http://marc.info/?l=oss-security&m=128441369020123&w=2

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Sep 15, 2010
Vulnerability Reserved
Aug 20, 2010