4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
75.1%
Secunia reports:
A vulnerability has been reported in Mailman, which can be
exploited by malicious users to conduct script insertion
attacks.
Certain input when editing the list templates and the list info
attribute is not properly sanitised before being stored. This can be
exploited to insert arbitrary HTML and script code, which is
executed in a user’s browser session in context of an affected site
when the malicious website is accessed.