Vulnerabilities > Zammad
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-07 | CVE-2021-42092 | Cross-site Scripting vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 3.5 |
| 2021-10-07 | CVE-2021-42093 | Unspecified vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 6.5 |
| 2021-10-07 | CVE-2021-42094 | Command Injection vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 7.5 |
| 2021-06-28 | CVE-2021-35298 | Cross-site Scripting vulnerability in Zammad Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via multiple models that contain a 'note' field to store additional information. | 4.3 |
| 2021-06-28 | CVE-2021-35299 | Information Exposure Through Log Files vulnerability in Zammad Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive information via email connection configuration probing. | 5.0 |
| 2021-06-28 | CVE-2021-35300 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Zammad Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page. | 4.3 |
| 2021-06-28 | CVE-2021-35301 | Unspecified vulnerability in Zammad Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information via the Ticket Article detail view. | 5.0 |
| 2021-06-28 | CVE-2021-35302 | Unspecified vulnerability in Zammad Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information. | 5.0 |
| 2021-06-28 | CVE-2021-35303 | Cross-site Scripting vulnerability in Zammad Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute. | 4.3 |
| 2020-12-28 | CVE-2020-29160 | Incorrect Authorization vulnerability in Zammad An issue was discovered in Zammad before 3.5.1. | 5.0 |