CVSS: 6.1EPSS: 2%CPEs: 20EXPL: 2CVE-2018-5950 – mailman: Cross-site scripting (XSS) vulnerability in web UI
https://notcve.org/view.php?id=CVE-2018-5950
23 Jan 2018 — Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL. Vulnerabilidad de Cross-Site Scripting (XSS) en la interfaz de usuario web en Mailman en versiones anteriores a la 2.1.26 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante una URL user-options. A cross-site scripting (XSS) flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, ... • https://packetstorm.news/files/id/159761 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2001-0884
https://notcve.org/view.php?id=CVE-2001-0884
21 Dec 2001 — Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users. Vulnerabilidad de secuencias de comandos en sitios cruzados en el archivador de correo electrónico Mailman permite a atacantes ganar información sensible o credenciales de autenticación mediante un enlace malicioso que es accedido por otros usuarios web. • http://www.redhat.com/support/errata/RHSA-2001-168.html •