First published: Mon Sep 04 2006(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.9rc1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/mailman | <3:2.1.5.1-25.rhel3.7 | 3:2.1.5.1-25.rhel3.7 |
redhat/mailman | <3:2.1.5.1-34.rhel4.5 | 3:2.1.5.1-34.rhel4.5 |
Mailman | =2.1 | |
Mailman | =2.1.1 | |
Mailman | =2.1.1-beta1 | |
Mailman | =2.1.2 | |
Mailman | =2.1.3 | |
Mailman | =2.1.4 | |
Mailman | =2.1.5 | |
Mailman | =2.1.5.8 | |
Mailman | =2.1.6 | |
Mailman | =2.1.7 | |
Mailman | =2.1.8 | |
Mailman | =2.1b1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-3636 has a severity rating that typically indicates it allows for the injection of arbitrary web scripts via various vectors.
To fix CVE-2006-3636, upgrade to Mailman version 2.1.9rc1 or later.
CVE-2006-3636 affects Mailman versions prior to 2.1.9rc1, including 2.1.5 and earlier.
Yes, CVE-2006-3636 can potentially lead to data breaches by allowing attackers to execute scripts that could capture sensitive information.
CVE-2006-3636 can enable cross-site scripting (XSS) attacks, allowing attackers to inject malicious scripts into web pages viewed by users.