Cross-Site Scripting Vulnerabilities in GNU Mailman by Free Software Foundation
CVE-2011-0707

Currently unrated

Key Information:

Vendor

Gnu
Status
Mailman
Vendor
CVE Published:
22 February 2011

What is CVE-2011-0707?

Multiple cross-site scripting (XSS) vulnerabilities exist in GNU Mailman's Cgi/confirm.py script, affecting versions 2.1.14 and earlier. These vulnerabilities allow remote attackers to exploit the application by injecting arbitrary web scripts or HTML through the 'full name' or 'username' fields within confirmation messages. Proper validation and sanitization of user input are recommended to mitigate these risks and protect against unauthorized actions or data breaches.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2011/0487
vdb-entryx_refsource_VUPEN
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://www.redhat.com/support/errata/RHSA-2011-0307.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.