mailman-2.1.15-26.el7.1
エラータID: AXSA:2018-2615:01
Release date:
Wednesday, March 14, 2018 - 05:10
Subject:
mailman-2.1.15-26.el7.1
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
Mailman is a program used to help manage e-mail discussion lists.
Security Fix(es):
* mailman: Cross-site scripting (XSS) vulnerability in web UI (CVE-2018-5950)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2018-5950
Cross-site scripting (XSS) vulnerability in the web UI in Mailman
before 2.1.26 allows remote attackers to inject arbitrary web script
or HTML via a user-options URL.
Solution:
Update packages.
CVEs:
CVE-2018-5950
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
Additional Info:
N/A
Download:
SRPMS
- mailman-2.1.15-26.el7.1.src.rpm
MD5: 11dceaa6e52e3fd5a87b3b78b3918b3a
SHA-256: e71e116e2b7480d3506c70bf5073935133de377dbcaee6dd1c52d7c30909216c
Size: 8.18 MB
Asianux Server 7 for x86_64
- mailman-2.1.15-26.el7.1.x86_64.rpm
MD5: 51299fa79a6ff194a902068cff841890
SHA-256: 2eaac9204ba776f52e08e79b8559d3c95539a4d0c8f242e984b734a17393fc4d
Size: 5.41 MB