CVE-2004-1735

Name of the Vulnerable Software and Affected Versions Sympa versions 4.1.x and earlier

Description A cross-site scripting (XSS) issue exists in the create list option, allowing remote authenticated users to inject arbitrary web script or HTML via the description field.

Recommendations For Sympa versions 4.1.x and earlier, as a temporary workaround, consider restricting access to the create list option until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.