6.3 Medium
AI Score
Confidence
High
0.0005 Low
EPSS
Percentile
17.5%
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.
zammad.com/en/advisories/zaa-2023-01