[Mailman-Developers] Fw: [ham] Mailman: cross-site scripting bug
Michael Meltzer
mjm at michaelmeltzer.com
Fri Jan 24 19:59:00 EST 2003
saw this on bugtraq, figuried it was a good idea to relay here.
MJM
----- Original Message -----
From: <webmaster at procheckup.com>
To: <bugtraq at securityfocus.com>
Sent: Friday, January 24, 2003 9:35 AM
Subject: [ham] Mailman: cross-site scripting bug
>
>
> Product: Mailman
> Affected Version: 2.1 not other version has been tested
> Vendor's URL: http://www.gnu.org/software/mailman/
> Solution: TBC
> Author: Manuel Rodriguez
>
> Introduction:
> ------------
> Mailman is software to help manage electronic mail discussion lists, much
> like Majordomo or Smartmail. And Mailman have web interface systems.
>
>
> Example:
> -----------------
> This is a simple example for version 2.1:
>
> 1) With mailman options the email variable is vulnerable to cross-site
> scripting.
>
> You can recognise the vulnerabilities with this type of URL:
>
> https://www.yourserver.com:443/mailman/options/yourlist?
> language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
> and that prove that any (malicious) script code is possible on web
> interface part of Mailman.
>
> 2) The default error page mailman generates does not adequately filter its
> input making it susceptible to cross-site scripting.
>
> https://www.yourserver.com:443//mailman/options/yourlist?
> language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
>
More information about the Mailman-Developers
mailing list