What is the severity of CVE-2001-0884?

CVE-2001-0884 has a medium severity due to its potential to expose sensitive information via cross-site scripting.

How do I fix CVE-2001-0884?

To fix CVE-2001-0884, upgrade Mailman to version 2.08 or later.

What versions of Mailman are affected by CVE-2001-0884?

CVE-2001-0884 affects Mailman versions prior to 2.08, specifically 5.0, 5.1, 6.0, and 7.0.

What type of vulnerability is CVE-2001-0884?

CVE-2001-0884 is a cross-site scripting (XSS) vulnerability.

Can CVE-2001-0884 allow an attacker to steal authentication credentials?

Yes, attackers can potentially steal authentication credentials through a crafted link exploiting CVE-2001-0884.

Vulnerability/
CVE-2001-0884

medium

5.1

CWE

NVD-CWE-Other

21/12/2001

25/6/2002

8/8/2024

CVE-2001-0884

First published: Fri Dec 21 2001(Updated: )

Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GNU Mailman	=5.0
GNU Mailman
GNU Mailman	=7.0
GNU Mailman	=5.1
GNU Mailman	=6.0
Mailman
Mailman	=5.0
Mailman	=5.1
Mailman	=6.0
Mailman	=7.0

Remedy

http://www.securityfocus.com/advisories/3721

Remedy

http://www.securityfocus.com/archive/1/242839

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2001-0884?
CVE-2001-0884 has a medium severity due to its potential to expose sensitive information via cross-site scripting.
How do I fix CVE-2001-0884?
To fix CVE-2001-0884, upgrade Mailman to version 2.08 or later.
What versions of Mailman are affected by CVE-2001-0884?
CVE-2001-0884 affects Mailman versions prior to 2.08, specifically 5.0, 5.1, 6.0, and 7.0.
What type of vulnerability is CVE-2001-0884?
CVE-2001-0884 is a cross-site scripting (XSS) vulnerability.
Can CVE-2001-0884 allow an attacker to steal authentication credentials?
Yes, attackers can potentially steal authentication credentials through a crafted link exploiting CVE-2001-0884.

agent/type
agent/first-publish-date
agent/remedy
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/author
agent/severity
agent/references
agent/event
agent/description
agent/source
agent/softwarecombine
collector/nvd-historical
agent/software-canonical-lookup-request
agent/tags
collector/nvd-index
vendor/gnu
canonical/gnu mailman
version/gnu mailman/5.0
version/gnu mailman/7.0
version/gnu mailman/5.1
version/gnu mailman/6.0
canonical/mailman
version/mailman/5.0
version/mailman/5.1
version/mailman/6.0
version/mailman/7.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.