https://www.exploit-db.com/exploits/22199
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200302-011

Mailman2.1中options.py存在跨站脚本（XSS）漏洞。远程攻击者可以借助(1)email或者(2)language参数向网页中注入脚本或者HTML。

source: http://www.securityfocus.com/bid/6678/info

A vulnerability has been discovered in GNU Mailman. The issue occurs to insufficient sanitization of user-supplied data which is output when generating error pages.

As a result, attackers may embed malicious script code or HTML into a link to a site running the vulnerable software. If such a link is followed, the attacker-supplied code will be interpreted in the web browser of the victim of the attack. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks are also possible.

It has been reported that GNU Mailman 2.0.11 is not affected by this issue.

https://www.yourserver.com:443//mailman/options/yourlist?
language=<SCRIPT>alert('Can%20Cross%20Site%20Attack')</SCRIPT>

来源:DEBIAN
名称:DSA-436
链接:http://www.debian.org/security/2004/dsa-436
来源:telia.dl.sourceforge.net
链接:http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt
来源:BUGTRAQ
名称:20030124Mailman:cross-sitescriptingbug
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=104342745916111
来源:XF
名称:mailman-email-variable-xss(11152)
链接:http://xforce.iss.net/xforce/xfdb/11152
来源:SECTRACK
名称:1005987
链接:http://www.securitytracker.com/id?1005987
来源:BID
名称:6677
链接:http://www.securityfocus.com/bid/6677
来源:OSVDB
名称:9205
链接:http://www.osvdb.org/9205