Max CVSS 4.3 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-12137 4.3
GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type,
27-10-2020 - 16:15 24-04-2020 - 13:15
CVE-2018-13796 4.3
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
06-05-2020 - 20:15 12-07-2018 - 18:29
CVE-2018-0618 3.5
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
06-05-2020 - 20:15 26-07-2018 - 17:29
Back to Top Mark selected
Back to Top