On Fri, 2003-09-26 at 09:21, ned wrote:
> Hello list,
> i've been poking and prodding mailman for about an hour now...found a few
> things which could be not seen as secure (although they dont have any real
> impact...):
> first there is a XSS (cross site scripting) bug in create.py in Cgi/. just
Hello list,
i've been poking and prodding mailman for about an hour now...found a few
things which could be not seen as secure (although they dont have any real
impact...):
first there is a XSS (cross site scripting) bug in create.py in Cgi/. just
enter
">alert("hi"). putting a Utils.Websafe (i