Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sympa | Sympa | 4.0 (including) | 4.0 (including) |
Sympa | Sympa | 4.1 (including) | 4.1 (including) |
Sympa | Sympa | 4.1.1 (including) | 4.1.1 (including) |
Sympa | Sympa | 4.1.2 (including) | 4.1.2 (including) |
Sympa | Ubuntu | dapper | * |
Sympa | Ubuntu | devel | * |
Sympa | Ubuntu | edgy | * |
Sympa | Ubuntu | feisty | * |