Arbitrary Content Injection via the private archive login page.
Bug #1877379 reported by
Mark Sapiro
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| GNU Mailman |
Fix Released
|
Low
|
Mark Sapiro | ||
Bug Description
This is essentially the same as https:/
This is fixed by the attached patch.
Related branches
CVE References
| Changed in mailman: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
