A security flaw was found in the way Mailman mailing list manager sanitized mailing list description by presenting general mailing list information. A remote mailing list owner could use this flaw to conduct cross-site scripting (XSS) attacks (execute arbitrary HTML or scripting code). References: [1] http://mail.python.org/pipermail/mailman-announce/2010-September/000150.html
This issue affects the versions of the mailman package, as shipped with Red Hat Enterprise Linux 3, 4, and 5. -- This issue affects the versions of the mailman package, as shipped with Fedora release of 12 and 13.
Public via: http://mail.python.org/pipermail/mailman-announce/2010-September/000151.html
This issue has been assigned the name CVE-2010-3090.
*** This bug has been marked as a duplicate of bug 631881 ***
Note: CVE-2010-3090 was rejected because CVE-2010-3089 affects the same version and falls in the same class of issues per: http://www.openwall.com/lists/oss-security/2010/09/13/12