Gnu: >> Mailman >> 2.1.4 Security Vulnerabilities
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
CVSS Score
5.0
EPSS Score
0.026
Published
2004-08-18
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
CVSS Score
6.8
EPSS Score
0.031
Published
2004-02-17
Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.
CVSS Score
2.1
EPSS Score
0.002
Published
2002-06-18
Cross-site scripting vulnerability in Mailman email archiver before 2.08 allows attackers to obtain sensitive information or authentication credentials via a malicious link that is accessed by other web users.
CVSS Score
5.1
EPSS Score
0.007
Published
2001-12-21
Page 4