CVE-2025-52204

Published March 23rd, 2026

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter

j0qq3r/CVE-2025-52204

CVE-2025-52204: Reflected XSS / HTML Injection in Znuny OTRS

GitHub