CVE-2020-12137

CWE-79 — Cross-site Scripting (XSS)11 documents7 sources

Severity

6.1MEDIUM

EPSS

5.2%

top 10.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

GNU Mailman Canonical Ubuntu Linux Debian Debian Linux +3 more

Timeline

PublishedApr 24

Latest updateMay 24

Description

GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed application/octet-stream MIME parts. This behavior may contribute to XSS attacks against list-archive visitors, because an HTTP reply from an archive web server may lack a MIME type, and a web browser may perform MIME sniffing, conclude that the MIME type should have been text/html, and execute JavaScript code.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages4 packages

▶NVDgnu/mailman2.0 — 2.1.30

▶Ubuntumailman< 1:2.1.20-1ubuntu0.4+2

▶NVDopensuse/leap15.2

▶NVDopensuse/backports_sle15.0

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 31, 32, Ubuntu Linux 16.04, 18.04

🔴Vulnerability Details

GHSA

GHSA-7mvx-jp9h-p8gh: GNU Mailman 2↗2022-05-24

▶

OSV

mailman vulnerabilities↗2021-11-01

▶

OSV

mailman vulnerabilities↗2020-04-29

▶

CVEList

CVE-2020-12137: GNU Mailman 2↗2020-04-24

▶

OSV

CVE-2020-12137: GNU Mailman 2↗2020-04-24

▶

📋Vendor Advisories

Ubuntu

Mailman vulnerabilities↗2021-11-01

▶

Ubuntu

Mailman vulnerabilities↗2020-04-29

▶

Red Hat

mailman: XSS via file attachments in list archives↗2020-02-24

▶

💬Community

Bugzilla

CVE-2020-12137 mailman: XSS via file attachments in list archives [fedora-all]↗2020-04-30

▶

Bugzilla

CVE-2020-12137 mailman: XSS via file attachments in list archives↗2020-04-30

▶