Vulnerabilities > Zammad > Zammad > 5.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-18 | CVE-2023-31597 | Incorrect Authorization vulnerability in Zammad An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. | 6.5 |
2022-09-27 | CVE-2022-40816 | Incorrect Authorization vulnerability in Zammad 5.2.0/5.2.1 Zammad 5.2.1 is vulnerable to Incorrect Access Control. | 6.5 |
2022-09-27 | CVE-2022-40817 | Incorrect Permission Assignment for Critical Resource vulnerability in Zammad 5.2.0/5.2.1 Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. | 4.3 |