Lucene search
K

7 matches found

NVD
NVD
added 2019/07/16 1:15 p.m.20 views

CVE-2019-1010018

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting XSS - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3...

6.1CVSS6.1AI score0.01257EPSS
Exploits0References3
Prion
Prion
added 2019/07/16 1:15 p.m.19 views

Cross site scripting

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting XSS - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3...

4.3CVSS6.1AI score0.01257EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/07/16 12:35 p.m.22 views

CVE-2019-1010018

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting XSS - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3...

6.2AI score0.01257EPSS
Exploits0References3
CVE
CVE
added 2019/07/16 12:35 p.m.78 views

CVE-2019-1010018

CVE-2019-1010018 affects Zammad (2.3.0 and earlier) web application. A Cross Site Scripting (XSS, CWE-80) vulnerability allows an attacker to execute client-side JavaScript in a user’s browser when the victim opens a ticket. The issue is rooted in insufficient input validation/escaping within the...

6.1CVSS6.1AI score0.01257EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/04/05 1:29 p.m.20 views

CVE-2018-1000154

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page CWE-80 vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser...

6.1CVSS6.7AI score
Exploits0References3
CVE
CVE
added 2018/04/05 1:0 p.m.47 views

CVE-2018-1000154

Zammad (version 2.3.0 and earlier) contains an Improper Neutralization of Script-Related HTML Tags in email subjects (CWE-80) that can lead to embedding/execution of JavaScript in a user’s browser, exploitable when a ticket is opened. Affected: Zammad

6.1CVSS6.4AI score0.01598EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/05 1:0 p.m.20 views

CVE-2018-1000154

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page CWE-80 vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser...

6.5AI score0.01598EPSS
Exploits0References3
Rows per page
Query Builder