Vulnerabilities > Zammad > Zammad > 1.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-18 | CVE-2023-31597 | Incorrect Authorization vulnerability in Zammad An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. | 6.5 |
2022-04-27 | CVE-2022-27331 | Exposure of Resource to Wrong Sphere vulnerability in Zammad An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users. | 4.3 |
2022-04-27 | CVE-2022-27332 | Missing Authentication for Critical Function vulnerability in Zammad An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. | 9.1 |
2021-10-11 | CVE-2021-42137 | Incorrect Authorization vulnerability in Zammad An issue was discovered in Zammad before 5.0.1. | 5.3 |
2021-10-07 | CVE-2021-42084 | Infinite Loop vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 6.5 |
2021-10-07 | CVE-2021-42085 | Cross-site Scripting vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 5.4 |
2021-10-07 | CVE-2021-42086 | Unspecified vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 8.8 |
2021-10-07 | CVE-2021-42087 | Unspecified vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 4.9 |
2021-10-07 | CVE-2021-42088 | Cross-site Scripting vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 6.1 |
2021-10-07 | CVE-2021-42089 | Information Exposure vulnerability in Zammad An issue was discovered in Zammad before 4.1.1. | 7.5 |