Lucene search
GnuMailman
3 matches found
CVE-2018-5950
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
6.1CVSS5.9AI score0.02431EPSS
CVE-2018-13796
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
6.5CVSS6AI score0.00306EPSS
CVE-2018-0618
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
5.4CVSS5AI score0.00552EPSS