Mailman, the mailing list manager, did not properly sanitize full name of the mailing list member, in the following confirmation dialogs: 1), "Confirm unsubscription request" screen, 2), "Confirm change of email address request" screen, 3), "Re-enable mailing list membership" screen. A remote, authenticated user could use these flaws to conduct cross-site scripting (XSS) attacks (execute arbitrary HTML or scripting code) via a specially-crafted full name of the mailing list member. References: [1] http://mail.python.org/pipermail/mailman-announce/2011-February/000157.html Acknowledgements: Red Hat would like to thank Mark Sapiro for reporting these flaws.
These issues affect the versions of the mailman package, as shipped with Red Hat Enterprise Linux 4, 5, and 6. -- These issues affect the versions of the mailman package, as shipped with Fedora release of 13 and 14.
Public via: http://mail.python.org/pipermail/mailman-announce/2011-February/000158.html
Created mailman tracking bugs for this issue Affects: fedora-all [bug 679644]
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2011:0307 https://rhn.redhat.com/errata/RHSA-2011-0307.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0308 https://rhn.redhat.com/errata/RHSA-2011-0308.html