3 matches found
CVE-2021-35303
creationtimestamp| type| source ---|---|--- 2021-06-29 00:28:02+00:00| seen| https://t.me/cibsecurity/25765...
CVE-2021-35303
Cross Site Scripting XSS in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute...
CVE-2021-35303
CVE-2021-35303 describes a cross-site scripting (XSS) flaw in Zammad, affecting versions 1.0.x through 4.0.0. The vulnerability allows a remote attacker to execute arbitrary web script or HTML by abusing the User Avatar attribute. The root cause is an input/output handling flaw in how the avatar ...