6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
13.3%
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.