Secunia reports:
A vulnerability has been reported in Mailman, which can be
exploited by malicious users to conduct script insertion
attacks.
Certain input when editing the list templates and the list info
attribute is not properly sanitised before being stored. This can be
exploited to insert arbitrary HTML and script code, which is
executed in a user’s browser session in context of an affected site
when the malicious website is accessed.