First published: Thu Oct 07 2021(Updated: )
An issue was discovered in Zammad before 4.1.1. The Chat functionality allows XSS because clipboard data is mishandled.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zammad Zammad | <4.1.1 | |
<4.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2021-42088.
The severity of CVE-2021-42088 is medium (6.1).
The affected software for CVE-2021-42088 is Zammad before version 4.1.1.
The vulnerability manifests in the Chat functionality of Zammad, allowing for cross-site scripting (XSS) attacks.
Yes, the fix for CVE-2021-42088 is available in Zammad version 4.1.1 or newer.