2 matches found
CVE-2026-34248
Zammad (web-based helpdesk) prior to 7.0.1 allowed customers in a shared organization to view fields not intended for customers (e.g., priority, internal ticket attributes) in the ticket detail view when opening a ticket from another user in the same shared org. The root cause is exposure of inte...
PT-2024-21166 · Sourcecodester · Sourcecodester Insurance Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Insurance Management System version 1.0 Description: A Cross Site Scripting XSS issue allows attackers to run arbitrary code via the Subject and Description fields when submitting a support ticket. This enables attackers to...