In GNU Mailman before 2136, a crafted URL to the Cgi/optionspy user options page can execute arbitrary JavaScript for XSS (CVE-2021-43331)
In GNU Mailman before 2136, the CSRF token for the Cgi/admindbpy admindb page contains an encrypted version of the list admin password This could potentially be cracked by a moderator via an offline brut ...