Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page.
11 May 2020
A security issue affects these releases of Ubuntu and its derivatives:
Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system update will make all the necessary changes.