Vulnerability CVE-2022-39195


Published: 2023-01-17

Description:
A cross-site scripting (XSS) vulnerability in the LISTSERV 17 web interface allows remote attackers to inject arbitrary JavaScript or HTML via the c parameter.

See advisories in our WLB2 database:
Topic
Author
Date
Low
LISTSERV 17 Reflected Cross Site Scripting (XSS)
Shaunt Der-Grigo...
02.04.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://peach.ease.lsoft.com/scripts/wa-PEACH.exe?A0=LSTSRV-L
https://packetstormsecurity.com/2301-exploits/listserv17-xss.txt

Copyright 2024, cxsecurity.com

 

Back to Top