Vulnerabilities > Zammad > Zammad > 3.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-28 | CVE-2021-35303 | Cross-site Scripting vulnerability in Zammad Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute. | 4.3 |