First published: Tue Jul 16 2019(Updated: )
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3.
Credit: josh@bress.net
Affected Software | Affected Version | How to fix |
---|---|---|
Zammad Zammad | >=2.1.0<=2.1.2 | |
Zammad Zammad | >=2.2.0<=2.2.1 | |
Zammad Zammad | =2.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.