exploitDog

GHSA-9jf9-mrgj-79mq

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 6.1

Описание

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of executing code in the domain of the application.

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of executing code in the domain of the application.

Ссылки

EPSS

Процентиль: 53%

0.00301

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-5620

CVSS3: 6.1

nvd

почти 9 лет назад

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of executing code in the domain of the application.

CVE-2017-5620

CVSS3: 6.1

debian

почти 9 лет назад

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3 ...

EPSS

Процентиль: 53%

0.00301

Низкий

6.1 Medium

CVSS3

CVE ID

Дефекты

CWE-79