Vulnerabilities > Zammad

DATE CVE VULNERABILITY TITLE RISK
2021-10-07 CVE-2021-42086 Unspecified vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad
8.8
8.8
2021-10-07 CVE-2021-42087 Unspecified vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad
4.9
4.9
2021-10-07 CVE-2021-42088 Cross-site Scripting vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-79
6.1
6.1
2021-10-07 CVE-2021-42089 Information Exposure vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-200
7.5
7.5
2021-10-07 CVE-2021-42090 Deserialization of Untrusted Data vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-502
critical
 9.8
9.8
2021-10-07 CVE-2021-42091 Server-Side Request Forgery (SSRF) vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-918
critical
 9.1
9.1
2021-10-07 CVE-2021-42092 Cross-site Scripting vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-79
5.4
5.4
2021-10-07 CVE-2021-42093 Unspecified vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad
7.2
7.2
2021-10-07 CVE-2021-42094 Command Injection vulnerability in Zammad
An issue was discovered in Zammad before 4.1.1.
network
low complexity
zammad CWE-77
critical
 9.8
9.8
2021-06-28 CVE-2021-35298 Cross-site Scripting vulnerability in Zammad
Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via multiple models that contain a 'note' field to store additional information.
network
low complexity
zammad CWE-79
6.1
6.1