4.3

CVE-2004-1177

Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GnuMailman Version1.0
GnuMailman Version1.1
GnuMailman Version2.0
GnuMailman Version2.0 Updatebeta3
GnuMailman Version2.0 Updatebeta4
GnuMailman Version2.0 Updatebeta5
GnuMailman Version2.0.1
GnuMailman Version2.0.2
GnuMailman Version2.0.3
GnuMailman Version2.0.4
GnuMailman Version2.0.5
GnuMailman Version2.0.6
GnuMailman Version2.0.7
GnuMailman Version2.0.8
GnuMailman Version2.0.9
GnuMailman Version2.0.10
GnuMailman Version2.0.11
GnuMailman Version2.0.12
GnuMailman Version2.0.13
GnuMailman Version2.1
GnuMailman Version2.1.1
GnuMailman Version2.1.2
GnuMailman Version2.1.3
GnuMailman Version2.1.4
GnuMailman Version2.1b1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.59% 0.799
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N