Jenzabar · Jenzabar · CVE-2021-26723
**Name of the Vulnerable Software and Affected Versions**
Jenzabar versions 9.2.x through 9.2.2
**Description**
The issue allows for XSS via the "/ics?tool=search&query=" endpoint.
**Recommendations**
For Jenzabar versions 9.2.x through 9.2.2, as a temporary workaround, consider restricting access to the "/ics?tool=search&query=" endpoint until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.