Vulnerabilities > Zammad

DATE CVE VULNERABILITY TITLE RISK
2020-06-16 CVE-2020-14214 Missing Authorization vulnerability in Zammad
Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions.
network
zammad CWE-862
5.8
5.8
2020-06-16 CVE-2020-14213 Missing Authorization vulnerability in Zammad
In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge).
network
low complexity
zammad CWE-862
5.5
5.5
2020-03-05 CVE-2020-10105 Information Exposure vulnerability in Zammad
An issue was discovered in Zammad 3.0 through 3.2.
network
low complexity
zammad CWE-200
5.0
5.0
2020-03-05 CVE-2020-10104 Information Exposure vulnerability in Zammad
An issue was discovered in Zammad 3.0 through 3.2.
network
low complexity
zammad CWE-200
4.0
4.0
2020-03-05 CVE-2020-10103 Cross-site Scripting vulnerability in Zammad
An XSS issue was discovered in Zammad 3.0 through 3.2.
network
zammad CWE-79
3.5
3.5
2020-03-05 CVE-2020-10102 Information Exposure Through Discrepancy vulnerability in Zammad
An issue was discovered in Zammad 3.0 through 3.2.
network
zammad CWE-203
3.5
3.5
2020-03-05 CVE-2020-10101 Improper Input Validation vulnerability in Zammad
An issue was discovered in Zammad 3.0 through 3.2.
network
low complexity
zammad CWE-20
5.0
5.0
2020-03-05 CVE-2020-10100 Information Exposure vulnerability in Zammad
An issue was discovered in Zammad 3.0 through 3.2.
network
low complexity
zammad CWE-200
4.0
4.0
2020-03-05 CVE-2020-10099 Cross-site Scripting vulnerability in Zammad
An XSS issue was discovered in Zammad 3.0 through 3.2.
network
zammad CWE-79
3.5
3.5
2020-03-05 CVE-2020-10098 Cross-site Scripting vulnerability in Zammad
An XSS issue was discovered in Zammad 3.0 through 3.2.
network
zammad CWE-79
3.5
3.5