Mailman vulnerabilities

ID USN-1069-1
Type ubuntu
Reporter Ubuntu
Modified 2011-02-22T00:00:00


It was discovered that Mailman did not properly sanitize certain fields, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.