Amazon Linux 2 Security Advisory: ALAS-2018-985
Advisory Release Date: 2018-04-05 23:23 Pacific
Cross-site scripting (XSS) vulnerability in web UI
A cross-site scripting (XSS) flaw was found in mailman. An attacker, able to trick the user into visiting a specific URL, can execute arbitrary web scripts on the user's side and force the victim to perform unintended actions. (CVE-2018-5950 )
Run yum update mailman to update your system.