Vulnerabilities > CVE-2006-1712 - Unspecified vulnerability in GNU Mailman 2.1.7

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

gnu

nessus

NVD

Published: 2006-04-11

Updated: 2024-11-21

Summary

Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.

Vulnerable Configurations

Part	Description	Count
Application	Gnu GNU Mailman 2.1.7	1

Nessus

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_8BE2E304CCE611DAA3B100123FFE8333.NASL
description	Secunia reports : A vulnerability has been reported in Mailman, which can be exploited by malicious people to conduct cross-site scripting attacks. Unspecified input passed to the private archive script is not properly sanitised before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user
last seen	2020-06-01
modified	2020-06-02
plugin id	21469
published	2006-05-13
reporter	This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/21469
title	FreeBSD : mailman -- Private Archive Script XSS (8be2e304-cce6-11da-a3b1-00123ffe8333)

Summary

Vulnerable Configurations

Nessus

References