Users of mailman please be advised of a cross-site scripting vulnerabilities that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
MDVSA-2010:191: [MDVSA-2010:191] mailman cross-site scripting
Problem Description:
Multiple vulnerabilities has been found and corrected in mailman:
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman
before 2.1.14rc1 allow remote authenticated users to inject arbitrary
web script or HTML via vectors involving (1) the list information
field or (2) the list description field (CVE-2010-3089).
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/9yMNZ6
No comments:
Post a Comment