CVE-2019-1010018
CVE-2019-1010018 affects Zammad (2.3.0 and earlier) web application. A Cross Site Scripting (XSS, CWE-80) vulnerability allows an attacker to execute client-side JavaScript in a user’s browser when the victim opens a ticket. The issue is rooted in insufficient input validation/escaping within the...