CVE-2020-10098 - Zammad Zammad

Moderate 5.4

An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the Email functionality. The malicious JavaScript will execute within the browser of any user who opens the Ticket with the Article created from that Email.

Affected software

Zammad Zammad

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.