aboutsummaryrefslogtreecommitdiffstats
path: root/Mailman/Cgi
diff options
context:
space:
mode:
authorMark Sapiro <msapiro@value.net>2010-09-09 08:16:57 -0700
committerMark Sapiro <msapiro@value.net>2010-09-09 08:16:57 -0700
commitf653b2a70e36bccd6128c4f4b973e09ea898e2cf (patch)
treee8617f48eee66fbb3fe85709ea1e348375f9d9e2 /Mailman/Cgi
parentaa911e138aa82a21197e0bda656ac51eab45447d (diff)
downloadmailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.tar.gz
mailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.tar.xz
mailman2-f653b2a70e36bccd6128c4f4b973e09ea898e2cf.zip
Two potential XSS vulnerabilities have been identified and fixed.
Diffstat (limited to 'Mailman/Cgi')
-rw-r--r--Mailman/Cgi/listinfo.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/Mailman/Cgi/listinfo.py b/Mailman/Cgi/listinfo.py
index 22ab9d5f..8aaae14c 100644
--- a/Mailman/Cgi/listinfo.py
+++ b/Mailman/Cgi/listinfo.py
@@ -1,4 +1,4 @@
-# Copyright (C) 1998-2009 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2010 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -97,7 +97,7 @@ def listinfo_overview(msg=''):
else:
advertised.append((mlist.GetScriptURL('listinfo'),
mlist.real_name,
- mlist.description))
+ Utils.websafe(mlist.description)))
if msg:
greeting = FontAttr(msg, color="ff5060", size="+1")
else: