CVE-2018-13796

Published: 12/07/2018 Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 383
CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

An issue exists in GNU Mailman prior to 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

Vulnerable Product

gnu mailman

Vendor Advisories

Synopsis: Moderate: mailman security and bug fix update. Type/Severity: Security Advisory: Moderate. Topic: An update for mailman is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) ba ...
Debian Bug report logs - #903674. mailman: CVE-2018-13796: Arbitrary text injection vulnerability in Mailman CGIs. Package: src:mailman; Maintainer for src:mailman is Mailman for Debian <pkg-mailman-hackers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 12 Jul 2018 19:42:01 UT ...
Several security issues were fixed in Mailman ...
A cross-site scripting vulnerability (XSS) has been discovered in mailman due to the host_name field not being properly validated. A malicious list owner could use this flaw to create a specially crafted list and inject client-side scripts (CVE-2018-0618). An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text ...
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2018-0618). An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site (CVE-2018-13796) ...
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site ...