Cross-site scripting vulnerability in Mailman prior to 2.0.12 allows remote malicious users to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu mailman 2.0.12 |