6.8 Medium
AI Score
Confidence
Low
0.0005 Low
EPSS
Percentile
17.8%
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.
zammad.com/en/advisories/zaa-2023-02