The vulnerability in the web interface of the LISTSERV email list management system, related to the lack of protective measures for the website structure, allows a attacker to carry out XSS attacks.

The vulnerability in the web interface of the LISTSERV email list management system is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

CVE-2022-39195

A cross-site scripting XSS vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter...

CVE-2022-40319

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...

PT-2023-7918 · L Soft · Listserv 17

Name of the Vulnerable Software and Affected Versions: LISTSERV 17 web interface Description: A cross-site scripting XSS issue in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter. This can be exploited by a remote attacker to conduct...