exploitDog

GHSA-8vqf-3cg3-mcvj

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can be triggered via malicious HTML in a chat message or the content of a ticket article, when using either the REST API or the WebSocket API.

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can be triggered via malicious HTML in a chat message or the content of a ticket article, when using either the REST API or the WebSocket API.

Ссылки

EPSS

Процентиль: 53%

0.00301

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-5621

CVSS3: 6.1

nvd

почти 9 лет назад

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can be triggered via malicious HTML in a chat message or the content of a ticket article, when using either the REST API or the WebSocket API.

CVE-2017-5621

CVSS3: 6.1

debian

почти 9 лет назад

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, an ...

EPSS

Процентиль: 53%

0.00301

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79