Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sympa | Sympa | 4.1.1 | 4.1.1 |
Sympa | Sympa | 4.0 | 4.0 |
Sympa | Sympa | 4.1.2 | 4.1.2 |
Sympa | Sympa | 4.1 | 4.1 |