CVE-2018-5950
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
gnu | mailman | 𝑥 < 2.1.26 |
debian | debian_linux | 7.0 |
debian | debian_linux | 8.0 |
debian | debian_linux | 9.0 |
canonical | ubuntu_linux | 14.04 |
canonical | ubuntu_linux | 16.04 |
canonical | ubuntu_linux | 17.10 |
redhat | enterprise_linux_desktop | 6.0 |
redhat | enterprise_linux_desktop | 7.0 |
redhat | enterprise_linux_server | 6.0 |
redhat | enterprise_linux_server | 7.0 |
redhat | enterprise_linux_server_aus | 7.4 |
redhat | enterprise_linux_server_aus | 7.6 |
redhat | enterprise_linux_server_eus | 7.4 |
redhat | enterprise_linux_server_eus | 7.5 |
redhat | enterprise_linux_server_eus | 7.6 |
redhat | enterprise_linux_server_tus | 7.4 |
redhat | enterprise_linux_server_tus | 7.6 |
redhat | enterprise_linux_workstation | 6.0 |
redhat | enterprise_linux_workstation | 7.0 |
Common Weakness Enumeration