Potential XSS attack via the user options page.
Bug #1949401 reported by
Mark Sapiro
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| GNU Mailman |
Fix Released
|
Medium
|
Mark Sapiro | ||
Bug Description
A crafted URL to the user options page can execute arbitrary javascript.
Related branches
CVE References
Revision history for this message
| Mark Sapiro (msapiro) wrote | #1 |
| Changed in mailman: | |
| status: | In Progress → Fix Released |
| information type: | Private Security → Public Security |
To post a comment you must log in.
