First published: Thu Jul 12 2018(Updated: )
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/mailman | <1:2.1.26-1ubuntu0.1 | 1:2.1.26-1ubuntu0.1 |
ubuntu/mailman | <1:2.1.27-1.1 | 1:2.1.27-1.1 |
ubuntu/mailman | <1:2.1.20-1ubuntu0.4 | 1:2.1.20-1ubuntu0.4 |
<2.1.28 | ||
GNU Mailman | <2.1.28 | |
debian/mailman | 1:2.1.29-1+deb10u5 1:2.1.29-1+deb10u2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2018-13796.
The severity level of CVE-2018-13796 is medium.
The affected software version range for CVE-2018-13796 is from GNU Mailman before 2.1.28.
A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site, exploiting CVE-2018-13796.
More information about CVE-2018-13796 can be found at the following references: [link1] [link2] [link3].