Hi!
* Kevin Fernandez ke...@findhost.org [101001 18:17]:
Package: hypermail
Version: 2.2.0.dfsg-2
Severity: grave
Tags: security
Justification: user security hole
Given that:
* The package hasn't actually a high popcon rating
* It has a security related bug open for over a month
* A new
Package: hypermail
Version: 2.2.0.dfsg-2
Severity: grave
Tags: security
Justification: user security hole
Hypermail has a cross-site scripting vulnerability in the way it
indexes mails.
Eg: send a mail with this From address:
iframe src=//debian.org em...@debian.org
All the pages indexing this
2 matches
Mail list logo