GHSA-82rm-28q9-435p

Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-82rm-28q9-435p/GHSA-82rm-28q9-435p.json

Aliases

CVE-2003-0038

Published

2022-04-29T01:25:43Z

Modified

2023-09-18T22:45:55.023303Z

Details

Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.

References

https://nvd.nist.gov/vuln/detail/CVE-2003-0038
https://exchange.xforce.ibmcloud.com/vulnerabilities/11152
http://marc.info/?l=bugtraq&m=104342745916111
http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt
http://www.debian.org/security/2004/dsa-436
http://www.osvdb.org/9205
http://www.securityfocus.com/bid/6677
http://www.securitytracker.com/id?1005987

Affected packages

PyPI / mailman

Source Details

Package Name: mailman

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.1.1

Affected versions

3.*

3.0.0b3-

Ecosystem specific

{
    "affected_functions": [
        ""
    ]
}