CVE-2018-13796: An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

medium6.5CVSS 3.0

AVNACLPRNUIRSUCNIHAN

An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.

4 ranges

Vendor	Product	Version range	Fixed in
gnu	mailman	< 2.1.28	2.1.28
gnu	mailman	>= 0 < 2.1.28	2.1.28
gnu	mailman	>= 0 < 1:2.1.20-1ubuntu0.4	1:2.1.20-1ubuntu0.4
gnu	mailman	>= 0 < 1:2.1.26-1ubuntu0.1	1:2.1.26-1ubuntu0.1

nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

osv6.5MEDIUM