Vulnerabilities > Zammad > Zammad > 5.0.3

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-31597 Incorrect Authorization vulnerability in Zammad
An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user.
network
low complexity
zammad CWE-863
6.5
6.5
2022-04-27 CVE-2022-27332 Missing Authentication for Critical Function vulnerability in Zammad
An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication.
network
low complexity
zammad CWE-306
critical
 9.1
9.1