CVE-2019-1010018
N/A
N/A
Summary
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Zammad GmbH | Zammad | ≤ 2.3.0 [fixed: 2.3.1 | affected |
| Zammad GmbH | Zammad | 2.2.2 and 2.1.3] | affected |
Weaknesses
- CWE-80: Cross Site Scripting (XSS) - CWE-80
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/zammad/zammad/compare/ea50d0c…238784d
- https://github.com/zammad/zammad/compare/5c983f6…1a9af7d
- https://github.com/zammad/zammad/issues/1869
References
- https://github.com/zammad/zammad/compare/ea50d0c…238784d
- https://github.com/zammad/zammad/compare/5c983f6…1a9af7d
- https://github.com/zammad/zammad/issues/1869
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.