CVE-ID

CVE-2002-0388

• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Date Entry Created
20020523 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20090716)
Votes (Legacy)
ACCEPT(3) Armstrong, Baker, Cole
MODIFY(2) Cox, Frech
NOOP(3) Christey, Foat, Wall
Comments (Legacy)
 Christey> REDHAT:RHSA-2002:099
 Cox> ADDREF: RHSA-2002:099 RHSA-2002:100 RHSA-2002:101
 Christey> CONECTIVA:CLA-2002:489
   URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000489
   BID:4825
   URL:http://www.securityfocus.com/bid/4825
   BID:4826
   URL:http://www.securityfocus.com/bid/4826
   XF:mailman-pipermail-index-css(9173)
   URL:http://www.iss.net/security_center/static/9173.php
   XF:mailman-admin-login-css(9172)
   URL:http://www.iss.net/security_center/static/9172.php
 Christey> DEBIAN:DSA-147
 Frech> XF:mailman-pipermail-index-css(9173)
 Christey> 
   It's not clear whether DEBIAN:DSA-147-2 addresses this issue
   in addition to, or instead of, CVE-2002-0855

Proposed (Legacy)
20020611
This is an entry on the CVE list, which standardizes names for security problems.