Lucene search

K

GoogleOSV:CVE-2021-35303

HistoryJun 28, 2021 - 8:15 p.m.

CVE-2021-35303

2021-06-2820:15:08

Google

osv.dev

3

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute.

References

zammad.com/en/advisories/zaa-2021-06

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.5%

Related for OSV:CVE-2021-35303

cvelist1 nvd1 cve1 prion1