Vulnerabilities > Sympa > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-10 | CVE-2020-26932 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for sympa_newaliases-wrapper, whereas the intended permissions are mode 4750 (for access by the sympa group) | 4.3 |
| 2018-09-06 | CVE-2018-1000671 | Open Redirect vulnerability in multiple products sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. | 6.1 |