CVE 2021-43331

In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.

Related bugs and status

CVE-2021-43331 (Candidate) is related to these bugs:

Bug #1949401: Potential XSS attack via the user options page.

Summary				In	Importance	Status
	1949401	Potential XSS attack via the user options page.		GNU Mailman	Medium	Fix Released

See the

CVE page on Mitre.org for more details.