CVE-2017-5620
CVE-2017-5620 (Zammad XSS) is corroborated by connected sources as a cross-site scripting vulnerability in Zammad. Affected versions are before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, with the issue arising because attachments are opened in a new tab instead of downloading, creating an...