[ mailman-Patches-674553 ] patch for options.py cross site scripting bug
SourceForge.net
noreply at sourceforge.net
Sat Jan 25 07:24:57 EST 2003
Patches item #674553, was opened at 2003-01-25 07:42
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=300103&aid=674553&group_id=103
Category: Web UI
Group: Mailman 2.1
Status: Open
Resolution: None
Priority: 5
Submitted By: Tokio Kikuchi (tkikuchi)
Assigned to: Nobody/Anonymous (nobody)
Summary: patch for options.py cross site scripting bug
Initial Comment:
fix this issue
Example:
-----------------
This is a simple example for version 2.1:
1) With Mailman options, the email variable is
vulnerable to cross-site scripting.
You can recognise the vulnerabilities with this type of
URL:
https://www.yourserver.com:443/mailman/options/yourlist?language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
and that proves that any (malicious) script code is
possible in the web interface part of Mailman.
2) The default error page mailman generates does not
adequately filter its input making it susceptible to
cross-site scripting.
https://www.yourserver.com:443//mailman/options/yourlist?language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
----------------------------------------------------------------------
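The two reflections described in the report, reproduced as an added example that is not Mailman's options.py and not part of the tracker item. It models a hypothetical CGI handler that, like the report says, echoes the `email` parameter into the options page and the `language` parameter into the error page, shows the same handler with output escaped, and includes the check an auditor would run against both: does the literal <SCRIPT> marker from the report's URLs come back in the response unchanged. The hostname and list name are the report's placeholders, the language allowlist is invented, and the page markup is a stand-in; Mailman 2.1 was Python 2 code, so this uses the Python 3 `html.escape` where the 2003 fix would have used `cgi.escape`.

```python
import html
from urllib.parse import parse_qs, urlsplit

# Constructed: the report's payload with %20 decoded, as the server sees it.
PAYLOAD = "<SCRIPT>alert('Can Cross Site Attack')</SCRIPT>"

# Hypothetical allowlist of installed languages (Mailman reads the real one
# from its configuration).
KNOWN_LANGUAGES = {"en", "de", "fr", "ja"}

# The two URLs quoted in the report; www.yourserver.com is its placeholder.
URL_EMAIL = ("https://www.yourserver.com:443/mailman/options/yourlist?"
             "language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>")
URL_LANG = ("https://www.yourserver.com:443//mailman/options/yourlist?"
            "language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>")


def params_from_url(url):
    """Decode the query string the way a CGI script would receive it."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return {key: values[0] for key, values in qs.items()}


def render_vulnerable(url):
    """Pre-patch behaviour: query values are pasted into the HTML verbatim."""
    p = params_from_url(url)
    language = p.get("language", "en")
    email = p.get("email", "")
    if language not in KNOWN_LANGUAGES:
        # Issue 2 in the report: the error page echoes the bad value unescaped.
        return ("<html><body><h1>Error</h1>"
                "<p>Unknown language: %s</p></body></html>" % language)
    # Issue 1 in the report: the options page echoes the address unescaped.
    return "<html><body><h1>Options for %s</h1></body></html>" % email


def render_hardened(url):
    """Same pages, with every reflected value HTML-escaped before output.

    quote=True also escapes ' and " so the value is safe inside an attribute,
    not only in element text.
    """
    p = params_from_url(url)
    language = p.get("language", "en")
    email = p.get("email", "")
    if language not in KNOWN_LANGUAGES:
        safe_lang = html.escape(language, quote=True)
        return ("<html><body><h1>Error</h1>"
                "<p>Unknown language: %s</p></body></html>" % safe_lang)
    safe_email = html.escape(email, quote=True)
    return "<html><body><h1>Options for %s</h1></body></html>" % safe_email


def reflected_unescaped(page, payload=PAYLOAD):
    """The audit check: True when the marker tag survives into the response."""
    return payload in page


if __name__ == "__main__":
    for name, url in (("email", URL_EMAIL), ("language", URL_LANG)):
        print("%-8s vulnerable=%s hardened=%s" % (
            name,
            reflected_unescaped(render_vulnerable(url)),
            reflected_unescaped(render_hardened(url))))
```

Escaping at output time, as the hardened handler does, is the fix that generalises: validating `language` against the allowlist alone still leaves the error page reflecting whatever failed validation, which is exactly the second case in the report.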
>Comment By: Barry A. Warsaw (bwarsaw)
Date: 2003-01-25 10:24
Message:
Logged In: YES
user_id=12800
Please try this more comprehensive fix. If it looks good, I
will issue a security patch later today.
----------------------------------------------------------------------