VDB

GCVE-VVD-MAGEIA-2018-184

GCVE-VVD-MAGEIA-2018-184
Advisory Published
Vulnetix · Advisory published December 20, 2018
Updated mailman package fixes security vulnerability: Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster (CVE-2018-5950).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiamailman0 (affected), 2.1.23-2.1.mga6 (unaffected), 0 (affected), 2.1.23-2.1.mga6 (unaffected)
Mageiapython-attrs0 (affected), 17.4.0-1.mga6 (unaffected)

References

Updated mailman packages fix a security vulnerability
advisory
Updated mailman packages fix a security vulnerability
advisory
Updated mailman packages fix a security vulnerability
issue
Updated python-attrs packages restore compatability with python-twisted
advisory
Updated python-attrs packages restore compatability with python-twisted
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›