CVE-2010-4339

Name of the Vulnerable Software and Affected Versions Hypermail version 2.2.0

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via a crafted From address. This occurs because the From address is not properly handled when indexing messages.

Recommendations For Hypermail version 2.2.0, consider updating to a newer version that properly handles the From address to prevent XSS attacks. As a temporary workaround, restrict the ability to inject arbitrary web script or HTML via the From address when indexing messages.