VYPR
Unrated severityNVD Advisory· Published Mar 5, 2020· Updated Aug 4, 2024

CVE-2020-10103

CVE-2020-10103

Description

An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the File Upload functionality in Zammad. The malicious JavaScript will execute within the browser of any user who opens a specially crafted link to the uploaded file with an active Zammad session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zammad/Zammaddescription
  • Zammad/Zammadllm-fuzzy
    Range: >=3.0, <=3.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.