CVE-2002-0855

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber’s list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.

Date published : 2002-08-14

http://www.securityfocus.com/bid/5298

http://archives.neohapsis.com/archives/bugtraq/2002-07/0268.html