Cross-site scripting (XSS) vulnerability in the private archive script (private.py) in GNU Mailman 2.1.7 allows remote attackers to inject arbitrary web script or HTML via the action argument.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mailman | Gnu | 2.1.7 (including) | 2.1.7 (including) |
Mailman | Ubuntu | devel | * |
Mailman | Ubuntu | edgy | * |
Mailman | Ubuntu | feisty | * |
Mailman | Ubuntu | upstream | * |