CVE-2021-35300
First published: Mon Jun 28 2021(Updated: )
Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zammad Zammad | >=1.0.0<=4.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2021-35300.
What is the severity of CVE-2021-35300?
CVE-2021-35300 has a severity rating of medium.
Which version of Zammad is affected by CVE-2021-35300?
CVE-2021-35300 affects Zammad versions 1.0.x up to 4.0.0.
What is the impact of CVE-2021-35300?
CVE-2021-35300 allows remote attackers to manipulate users into visiting the attackers' page.
Is there a fix available for CVE-2021-35300?
Yes, a fix for CVE-2021-35300 is available. Please refer to the advisory for more information.
- collector/nvd-index
- agent/tags
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- vendor/zammad
- canonical/zammad zammad
- version/zammad zammad/1.0.0
- version/zammad zammad/4.0.0