CVE 2018-13796

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Related bugs and status

CVE-2018-13796 (Candidate) is related to these bugs:

Bug #1780874: Arbitrary text injection vulnerability in Mailman CGIs

Summary				In	Importance	Status
	1780874	Arbitrary text injection vulnerability in Mailman CGIs		GNU Mailman	Low	Fix Released

Bug #1803838: Mailman Upgrade to 2.1.29 - Ubuntu 16.04

Summary				In	Importance	Status
	1803838	Mailman Upgrade to 2.1.29 - Ubuntu 16.04		mailman (Ubuntu)	Undecided	New

Bug #1913241: A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Summary				In	Importance	Status
	1913241	A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.		GNU Mailman	Undecided	New

See the

CVE page on Mitre.org for more details.