Mailman before version 2.1.28 has a vulnerability in the Utils.py:GetPathPieces() function that allows an attacker to submit URLs with long listnames, resulting in arbitrary text being echoed in "No such list" error responses. This can be used to make a potential victim think the phishing text comes from a trusted site.

Upstream Bug: https://bugs.launchpad.net/mailman/+bug/1780874
Upstream Patch: https://launchpadlibrarian.net/379908276/patch.txt
Reference: https://www.mail-archive.com/mailman-users@python.org/msg71003.html
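
The echo described above, next to one way to close it, as an added Python sketch; this is not Mailman's code and not the upstream patch. The function names, the `LISTNAME_RE` policy and the sample path are assumptions constructed for illustration.

```python
import re
from html import escape

# Assumed policy for this sketch: short names from a conservative character set.
LISTNAME_RE = re.compile(r"[a-z0-9][a-z0-9._+-]{0,63}")

# Constructed sample: PATH_INFO as a web server would hand it over after URL decoding.
SPOOF_PATH = "/This notice text was supplied by whoever built the link/"


def path_pieces(path_info):
    """Split a PATH_INFO value into its non-empty segments."""
    return [p for p in path_info.split("/") if p]


def no_such_list_echo(path_info):
    """Behaviour the report describes: the requested name is echoed back.

    HTML escaping is applied, yet it does not help here, because the
    injected content is plain text rather than markup.
    """
    parts = path_pieces(path_info)
    name = parts[0] if parts else ""
    return "No such list <em>%s</em>" % escape(name)


def no_such_list_safe(path_info):
    """Echo the name only when it looks like a list name; otherwise stay generic."""
    parts = path_pieces(path_info)
    name = parts[0].lower() if parts else ""
    if LISTNAME_RE.fullmatch(name):
        return "No such list <em>%s</em>" % escape(name)
    return "No such list"


if __name__ == "__main__":
    print(no_such_list_echo(SPOOF_PATH))         # sentence from the URL appears on the page
    print(no_such_list_safe(SPOOF_PATH))         # generic message, nothing echoed
    print(no_such_list_safe("/staff-announce"))  # plausible list name is still shown
```
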
Created mailman tracking bugs for this issue:

Affects: fedora-all [bug 1609091]
This issue has been addressed in the following products:

Red Hat Enterprise Linux 7
Via RHSA-2020:1054 https://access.redhat.com/errata/RHSA-2020:1054
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2018-13796