Vulnerabilities > GNU > Mailman > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-02-17 | CVE-2003-0992 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. network gnu | 4.3 |
2004-02-17 | CVE-2003-0965 | Cross-Site Scripting vulnerability in GNU Mailman Admin Page Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. network gnu | 6.8 |
2003-02-07 | CVE-2003-0038 | Cross-Site Scripting vulnerability in GNU Mailman 2.1 Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. network gnu | 4.3 |
2001-12-21 | CVE-2001-0884 | Cross-Site Scripting vulnerability in GNU Mailman Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users. | 5.1 |
2001-05-03 | CVE-2001-0290 | Local Security vulnerability in Mailman Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | 4.6 |