0.003 Low
EPSS
Percentile
71.0%
Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message.
mail.python.org/pipermail/mailman-announce/2011-February/000157.html
launchpad.net/bugs/cve/CVE-2011-0707
nvd.nist.gov/vuln/detail/CVE-2011-0707
security-tracker.debian.org/tracker/CVE-2011-0707
ubuntu.com/security/notices/USN-1069-1
www.cve.org/CVERecord?id=CVE-2011-0707