{"uuid": "17fb0b7f-1560-4604-92a6-9592aa7cd5a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-35303", "type": "seen", "source": "https://t.me/cibsecurity/25765", "content": "\u203c CVE-2021-35303 \u203c\n\nCross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-06-29T00:28:02.000000Z"}