—
PYSEC-2026-657
Mailman Cross-site scripting (XSS) vulnerability
Details
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2003-0038 [ADVISORY]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11152 [WEB]
- http://marc.info/?l=bugtraq&m=104342745916111 [WEB]
- http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt [WEB]
- http://www.debian.org/security/2004/dsa-436 [WEB]
- http://www.osvdb.org/9205 [WEB]
- http://www.securityfocus.com/bid/6677 [WEB]
- http://www.securitytracker.com/id?1005987 [WEB]
- https://pypi.org/project/mailman [PACKAGE]
- https://github.com/advisories/GHSA-82rm-28q9-435p [ADVISORY]