Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2003-0038

Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.

PublishedFeb 07, 2003, 05:00

Published Bycve@mitre.org

Affected Versions

Package (Ecosystem)IntroducedFixedLimit

mailman(PyPI)02.1.1N/A

References

http://marc.info/?l=bugtraq&m=104342745916111
http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt
http://www.debian.org/security/2004/dsa-436
http://www.osvdb.org/9205
http://www.securityfocus.com/bid/6677
http://www.securitytracker.com/id?1005987
https://exchange.xforce.ibmcloud.com/vulnerabilities/11152

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

4.3

Vector String

AV:N/AC:M/Au:N/C:N/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)