CVE-2003-0965 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.

Affected Software

Name	Vendor	Start Version	End Version
Mailman	Gnu	*	2.1.4 (including)
Red Hat Linux 9	RedHat		*

References

http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842
http://mail.python.org/pipermail/mailman-announce/2003-December/000066.html
http://secunia.com/advisories/10519
http://www.debian.org/security/2004/dsa-436
http://www.mandriva.com/security/advisories?name=MDKSA-2004:013
http://www.osvdb.org/3305
http://www.redhat.com/support/errata/RHSA-2004-020.html
http://www.securityfocus.com/bid/9336
https://exchange.xforce.ibmcloud.com/vulnerabilities/14121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A813
http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842
http://mail.python.org/pipermail/mailman-announce/2003-December/000066.html
http://secunia.com/advisories/10519
http://www.debian.org/security/2004/dsa-436
http://www.mandriva.com/security/advisories?name=MDKSA-2004:013
http://www.osvdb.org/3305
http://www.redhat.com/support/errata/RHSA-2004-020.html
http://www.securityfocus.com/bid/9336
https://exchange.xforce.ibmcloud.com/vulnerabilities/14121
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A813

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-0965
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html