Back to search
CVE-2019-1010018
Published: Jul 16, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3.
| Vendor | Product | Versions |
|---|---|---|
Zammad GmbH | Zammad | affected ≤ 2.3.0 [fixed: 2.3.1affected 2.2.2 and 2.1.3] |
Weaknesses (CWE)
References
https://github.com/zammad/zammad/compare/ea50d0c...238784d
x_refsource_MISC
https://github.com/zammad/zammad/compare/5c983f6...1a9af7d
x_refsource_MISC
https://github.com/zammad/zammad/issues/1869
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now