Postorius Project Postorius vulnerabilities
2 known vulnerabilities affecting postorius_project/postorius.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 1
Severity breakdown
MEDIUM: 2
Vulnerabilities
CVE-2026-44742 | P2 | MEDIUM | CVSS 6.1 | CWE-79 | Exploited | ≤ 1.3.13 | 2026-05-07
Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the wild in May 2026.
ghsa, nvd
CVE-2021-40347 | P4 | MEDIUM | CVSS 5.4 | fixed in 1.3.5 | 2021-09-10
An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place.
ghsa, nvd, osv