Arbitrary Content Injection via the private archive login page.

Bug #1877379 reported by Mark Sapiro on 2020-05-07
Affects: GNU Mailman
Importance: Low
Assigned to: Mark Sapiro

Bug Description

This is essentially the same issue as https://bugs.launchpad.net/mailman/+bug/1873722, except that the injection vector is the private archive login page, and the attack succeeds only if the list's roster visibility setting (private_roster) is 'Anyone'.

This is fixed by the attached patch.

Mark Sapiro (msapiro) on 2020-05-07
Changed in mailman:
status: In Progress → Fix Released