CVE-2021-42575
October 18, 2021 ยท View on GitHub
Policies that allow <style> tags inside <option> elements are vulnerable to RCE
See https://docs.google.com/document/d/11SoX296sMS0XoQiQbpxc5pNxSdbJKDJkm5BDv0zrX50/edit?usp=sharing for mitigations.