Vulnerabilities > CVE-2002-0388 - HTML Injection vulnerability in GNU Mailman Pipermail Index Summary
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 18 |
Exploit-Db
| description | GNU Mailman 2.0.x Admin Login Cross-Site Scripting Vulnerability. CVE-2002-0388. Webapps exploit for cgi platform |
| id | EDB-ID:21480 |
| last seen | 2016-02-02 |
| modified | 2002-05-20 |
| published | 2002-05-20 |
| reporter | office |
| source | https://www.exploit-db.com/download/21480/ |
| title | GNU Mailman 2.0.x Admin Login Cross-Site Scripting Vulnerability |
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-147.NASL description A cross-site scripting vulnerability was discovered in mailman, a software to manage electronic mailing lists. When a properly crafted URL is accessed with Internet Explorer (other browsers don last seen 2020-06-01 modified 2020-06-02 plugin id 14984 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14984 title Debian DSA-147-1 : mailman - XSS NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2002-125.NASL description Updated mailman packages are now available for Red Hat Linux Advanced Server. These updates resolve a cross-site scripting vulnerability present in versions of Mailman prior to 2.0.11. Two cross-site scripting vulnerabilities have been discovered in versions of Mailman prior to version 2.0.11. last seen 2020-06-01 modified 2020-06-02 plugin id 12304 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12304 title RHEL 2.1 : mailman (RHSA-2002:125)