[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249966

 
 

909

 
 

195636

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3636Date: (C)2006-09-05   (M)2023-12-22


Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1016808
BID-19831
BID-20021
http://www.securityfocus.com/archive/1/archive/1/445992/100/0/threaded
SECUNIA-21732
SECUNIA-21792
SECUNIA-21879
SECUNIA-22011
SECUNIA-22020
SECUNIA-22227
SECUNIA-22639
ADV-2006-3446
DSA-1188
GLSA-200609-12
MDKSA-2006:165
RHSA-2006:0600
SUSE-SR:2006:025
USN-345-1
http://mail.python.org/pipermail/mailman-announce/2006-September/000087.html
http://moritz-naumann.com/adv/0013/mailmanmulti/0013.txt
http://sourceforge.net/project/shownotes.php?group_id=103&release_id=444295
mailman-unspecified-xss(28731)

CPE    12
cpe:/a:gnu:mailman:2.1b1
cpe:/a:gnu:mailman:2.1
cpe:/a:gnu:mailman:2.1.1
cpe:/a:gnu:mailman:2.1.1:beta1
...

© SecPod Technologies