| Max CVSS | 4.3 | Min CVSS | 2.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-12137 | 4.3 |
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type,
|
16-11-2022 - 03:14 | 24-04-2020 - 13:15 | |
| CVE-2020-12108 | 4.3 |
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection.
|
02-12-2021 - 19:30 | 06-05-2020 - 15:15 | |
| CVE-2020-15011 | 2.6 |
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
|
30-11-2021 - 22:29 | 24-06-2020 - 12:15 |