CVE-2019-1010018

Summary

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3.

Affected Software

VendorProductVersion RangeStatus
Zammad GmbHZammad≤ 2.3.0 [fixed: 2.3.1affected
Zammad GmbHZammad2.2.2 and 2.1.3]affected

Weaknesses

  • CWE-80: Cross Site Scripting (XSS) - CWE-80

ADP Enrichment

CVE Program Container

Additional References

References