writeups.xyz / Technical Advisory: Vulnerabilities Identified within ListServ

Submitter : c2a

Date: 18 October 2023

Bounty : undisclosed

Vulnerabilities :

• CSRF
• Samesite Cookie Bypass
• Reflected XSS
• Stored XSS
• Unrestricted File Upload
• DLL Hijacking
• Local Privilege Escalation
• Buffer Overflow
• Memory Corruption

Programs :

• ListServ

Authors :

• Adam Crosser

Link :
https://www.praetorian.com/blog/vulnerabilities-within-listserv/