Download
| Alert*
DSA-2170-1 mailman -- several issues
Two cross site scripting vulnerabilities were been discovered in Mailman, a web-based mailing list manager. These allowed an attacker to retrieve session cookies via inserting crafted JavaScript into confirmation messages and in the list admin interface .
|