CVE-2018-5950
23.01.2018, 16:29
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
Vendor | Product | Version |
---|---|---|
gnu | mailman | 𝑥 < 2.1.26 |
debian | debian_linux | 7.0 |
debian | debian_linux | 8.0 |
debian | debian_linux | 9.0 |
canonical | ubuntu_linux | 14.04 |
canonical | ubuntu_linux | 16.04 |
canonical | ubuntu_linux | 17.10 |
redhat | enterprise_linux_desktop | 6.0 |
redhat | enterprise_linux_desktop | 7.0 |
redhat | enterprise_linux_server | 6.0 |
redhat | enterprise_linux_server | 7.0 |
redhat | enterprise_linux_server_aus | 7.4 |
redhat | enterprise_linux_server_aus | 7.6 |
redhat | enterprise_linux_server_eus | 7.4 |
redhat | enterprise_linux_server_eus | 7.5 |
redhat | enterprise_linux_server_eus | 7.6 |
redhat | enterprise_linux_server_tus | 7.4 |
redhat | enterprise_linux_server_tus | 7.6 |
redhat | enterprise_linux_workstation | 6.0 |
redhat | enterprise_linux_workstation | 7.0 |
𝑥
= Vulnerable software versions

Ubuntu Releases
References