Mandriva Linux Security Advisory : mailman (MDVSA-2008:061)
Medium Nessus Plugin ID 36638
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionMultiple cross-site scripting (XSS) vulnerabilities were found in Mailman prior to version 2.1.10b1, which allow remote attackers to inject arbitrary web script or HTML via edting templates and the list's info attribute in the web administrator interface.
The updated packages have been patched to correct these issues.
SolutionUpdate the affected mailman package.