← back
CVE-2020-15011

CVE-2020-15011

EPSS 1.9%
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00047.htmlhttp://lists.opensuse.org/opensuse-security-announce/2020-10/msg00063.htmlhttps://bugs.launchpad.net/mailman/+bug/1877379https://lists.debian.org/debian-lts-announce/2020/06/msg00036.htmlhttps://lists.debian.org/debian-lts-announce/2020/07/msg00007.htmlhttps://usn.ubuntu.com/4406-1/https://www.debian.org/security/2021/dsa-4991