Vulnerabilities > Zammad

DATE CVE VULNERABILITY TITLE RISK
2017-03-13 CVE-2017-6081 Cross-Site Request Forgery (CSRF) vulnerability in Zammad
A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1.
network
low complexity
zammad CWE-352
8.8
8.8
2017-03-13 CVE-2017-6080 Cross-Site Request Forgery (CSRF) vulnerability in Zammad
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers.
network
low complexity
zammad CWE-352
critical
 9.8
9.8
2017-03-13 CVE-2017-5621 Cross-site Scripting vulnerability in Zammad
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1.
network
low complexity
zammad CWE-79
6.1
6.1
2017-03-13 CVE-2017-5620 Cross-site Scripting vulnerability in Zammad
An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1.
network
low complexity
zammad CWE-79
6.1
6.1
2017-03-13 CVE-2017-5619 Improper Authentication vulnerability in Zammad
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1.
network
low complexity
zammad CWE-287
critical
 9.8
9.8