diff options
author | Mark Sapiro <msapiro@value.net> | 2010-09-09 08:16:57 -0700 |
---|---|---|
committer | Mark Sapiro <msapiro@value.net> | 2010-09-09 08:16:57 -0700 |
commit | f653b2a70e36bccd6128c4f4b973e09ea898e2cf (patch) | |
tree | e8617f48eee66fbb3fe85709ea1e348375f9d9e2 /Mailman/Cgi | |
parent | aa911e138aa82a21197e0bda656ac51eab45447d (diff) | |
download | mailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.tar.gz mailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.tar.xz mailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.zip |
Two potential XSS vulnerabilities have been identified and fixed.
Diffstat (limited to 'Mailman/Cgi')
-rw-r--r-- | Mailman/Cgi/listinfo.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Mailman/Cgi/listinfo.py b/Mailman/Cgi/listinfo.py index 22ab9d5f..8aaae14c 100644 --- a/Mailman/Cgi/listinfo.py +++ b/Mailman/Cgi/listinfo.py @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2009 by the Free Software Foundation, Inc. +# Copyright (C) 1998-2010 by the Free Software Foundation, Inc. # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -97,7 +97,7 @@ def listinfo_overview(msg=''): else: advertised.append((mlist.GetScriptURL('listinfo'), mlist.real_name, - mlist.description)) + Utils.websafe(mlist.description))) if msg: greeting = FontAttr(msg, color="ff5060", size="+1") else: |