| Revision Date: | 2014-05-26 | Version: | 20 |
| Title: | ELSA-2011:0308: mailman security update (Moderate) |
| Description: | Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message. |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2010-3089
CVE-2011-0707
ELSA-2011:0308-01
|
| Platform(s): | Oracle Linux 6
| Product(s): | mailman
|
| Definition Synopsis |
| mailman is earlier than 3:2.1.12-14.el6_0.2 AND Oracle Linux 6.x
|