Zammad is a Web-based open source help desk/customer support system. versions prior to Zammad 4.1.1 are vulnerable to a stored cross-site scripting vulnerability. An attacker could exploit the vulnerability to inject malicious JavaScript code via a custom avatar.
CPE | Name | Operator | Version |
---|---|---|---|
zammad zammad | lt | 4.1.1 |