PT-2018-12192 · Gnu+5 · Gnu Mailman+5

Hammad Qureshi

·

Publicado

2018-07-12

·

Atualizado

2020-05-06

·

CVE-2018-13796

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions GNU Mailman versions prior to 2.1.28
Description An issue allows a crafted URL to cause arbitrary text to be displayed on a web page from a trusted site.
Recommendations For GNU Mailman versions prior to 2.1.28, update to version 2.1.28 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2019-1010
CESA-2020_1054
CVE-2018-13796
DLA-1442-1
DLA-1442-2
GHSA-XQVG-XM9M-P2C4
MGASA-2018-0383
OPENSUSE-SU-2018_2309-1
RHSA-2020:1054
RHSA-2020_1054
SUSE-SU-2018:4296-1
SUSE-SU-2019:13924-1
USN-4348-1

Produtos afetados

Alt Linux
Centos
Gnu Mailman
Red Hat
Suse
Ubuntu