Cross-Site Scripting Vulnerability in Mailman Htdig Integration
CVE-2011-5024

Currently unrated

Key Information:

Vendor: Gnu
Status: Mailman
Vendor: CVE Published:; 29 December 2011

Summary

A Cross-Site Scripting vulnerability exists in the mmsearch/design component of the Mailman package when integrated with htdig. This flaw enables remote attackers to inject arbitrary web scripts or HTML code through manipulation of the config parameter. Exploiting this vulnerability could lead to unauthorized actions executed in the context of a user’s session, potentially compromising sensitive information and system integrity.

References

https://sitewat.ch/Advisory/View/3

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 29, 2011