First published: Thu Oct 07 2021(Updated: )
An issue was discovered in Zammad before 4.1.1. There is stored XSS via a custom Avatar.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zammad Zammad | <4.1.1 | |
<4.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2021-42085.
The severity level of CVE-2021-42085 is medium (5.4).
The affected software is Zammad before version 4.1.1.
The vulnerability occurs through stored XSS via a custom Avatar.
Yes, the fix for CVE-2021-42085 is available in Zammad version 4.1.1.