mailman: Web-based mailing list manager Mailman could be made to inject arbitrary content in the login page if it received a specially crafted input.