Vulnerabilities > GNU > Mailman > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-02-17 | CVE-2003-0965 | Cross-Site Scripting vulnerability in GNU Mailman Admin Page Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. network gnu | 6.8 |
| 2002-06-18 | CVE-2002-0388 | HTML Injection vulnerability in GNU Mailman Pipermail Index Summary Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries. | 7.5 |
| 2001-09-05 | CVE-2001-1132 | Unspecified vulnerability in GNU Mailman Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when there is an empty site or list password, which is not properly handled during the call to the crypt function during authentication. | 7.5 |
| 2001-05-03 | CVE-2001-0290 | Local Security vulnerability in Mailman Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | 4.6 |