2 matches found
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper handling of user-supplied input in the list fields on page values and the Special:CargoTables interface. An attacker can execute arbitrary JavaScript in the context of other users by injecting...
mailman: Multiple security flaws leading to cross-site scripting (XSS) attacks
Multiple cross-site scripting XSS vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving 1 the list information field or 2 the list description field...