[28610] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Mailman: cross-site scripting bug

daemon@ATHENA.MIT.EDU (webmaster@procheckup.com)
Fri Jan 24 12:51:28 2003

Date: 24 Jan 2003 14:35:07 -0000
Message-ID: <20030124143507.32126.qmail@mail.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: <webmaster@procheckup.com>
To: bugtraq@securityfocus.com

Product: Mailman
Affected Version: 2.1 not other version has been tested
Vendor's URL: http://www.gnu.org/software/mailman/
Solution: TBC
Author: Manuel Rodriguez

Introduction:
------------
Mailman is software to help manage electronic mail discussion lists, much 
like Majordomo or Smartmail.  And Mailman have web interface systems.

Example:
-----------------
This is a simple example for version 2.1:

1) With mailman options the email variable is vulnerable to cross-site 
scripting.

You can recognise the vulnerabilities with this type of URL:

https://www.yourserver.com:443/mailman/options/yourlist?
language=en&email=&lt;SCRIPT&gt;alert('Can%20Cross%20Site%20Attack')&lt;/SCRIPT&gt; 
and that prove that any (malicious) script code is possible on web 
interface part of Mailman.

2) The default error page mailman generates does not adequately filter its 
input making it susceptible to cross-site scripting.

https://www.yourserver.com:443//mailman/options/yourlist?
language=&lt;SCRIPT&gt;alert('Can%20Cross%20Site%20Attack')&lt;/SCRIPT&gt;


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[28610] in bugtraq

Mailman: cross-site scripting bug

daemon@ATHENA.MIT.EDU (webmaster@procheckup.com)Fri Jan 24 12:51:28 2003

daemon@ATHENA.MIT.EDU (webmaster@procheckup.com)
Fri Jan 24 12:51:28 2003