Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser. This attack appear to be exploitable via the victim openning a ticket. This vulnerability appears to have been fixed in 2.3.1, 2.2.2 and 2.1.3.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zammad 跨站脚本漏洞
Vulnerability Description
Zammad是德国Zammad公司的一套票务管理软件。 Zammad 2.3.0及之前版本中存在跨站脚本漏洞。远程攻击者可利用该漏洞在用户浏览器上注入并执行java脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A