Znuny · Znuny · CVE-2024-48937
**Name of the Vulnerable Software and Affected Versions**
Znuny versions prior to 6.5.1 through 6.5.10
Znuny versions 7.0.1 through 7.0.16
**Description**
The issue allows for XSS, where JavaScript code in the short description of the SLA field in Activity Dialogues is executed.
**Recommendations**
For versions prior to 6.5.1 through 6.5.10, update to version 6.5.1 or later.
For versions 7.0.1 through 7.0.16, update to a version later than 7.0.16.