Users login

Create an account »

JOIN XATRIX

Users login

Home » News » Mailman: cross-site scripting bug

Mailman: cross-site scripting bug

by Nikola Strahija on January 25th, 2003 Affected Version: 2.1 not other version has been tested .


Vendor's URL: http://www.gnu.org/software/mailman/
Solution: TBC
Author: Manuel Rodriguez

Introduction:
------------
Mailman is software to help manage electronic mail discussion lists, much
like Majordomo or Smartmail. And Mailman have web interface systems.


Example:
-----------------
This is a simple example for version 2.1:

1) With mailman options the email variable is vulnerable to cross-site
scripting.

You can recognise the vulnerabilities with this type of URL:

https://www.yourserver.com:443/mailman/options/yourlist?
language=en&email=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>
and that prove that any (malicious) script code is possible on web
interface part of Mailman.

2) The default error page mailman generates does not adequately filter its
input making it susceptible to cross-site scripting.

https://www.yourserver.com:443//mailman/options/yourlist?
language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »