770 matches found
CVE-2020-10105
An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an attacker to formulate more precise attacks. Source code was disclosed for the file 404.html...
CVE-2020-29158
An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view...
CVE-2020-29159
An issue was discovered in Zammad before 3.5.1. The default signup Role for newly created Users can be a privileged Role, if configured by an admin. This behvaior was unintended...
CVE-2020-26030
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users...
CVE-2020-26032
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may le...
CVE-2020-26034
An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses. The application responds differently depending on whether the input supplied was recognized as...
CVE-2020-10101
An issue was discovered in Zammad 3.0 through 3.2. The WebSocket server crashes when messages in non-JSON format are sent by an attacker. The message format is not properly checked and parsing errors not handled. This leads to a crash of the service process...
CVE-2019-1010018
Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting XSS - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3...
CVE-2025-32359
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not wh...
CVE-2025-32360
In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see and work on shared article drafts. However, a logged in customer was able to see details about shared drafts for their customer tickets in the browser console, which may contain confidential information...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
CVE-2025-32358
In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which are triggered as POST requests when certain conditions are met. If a webhook endpoint returned a redirect response, Zammad would follow it automatically with another GET request. This coul...
CVE-2025-32358
In Zammad 6.4.x before 6.4.2, SSRF can occur. Authenticated admin users can enable webhooks in Zammad, which are triggered as POST requests when certain conditions are met. If a webhook endpoint returned a redirect response, Zammad would follow it automatically with another GET request. This coul...
CVE-2025-32360
In Zammad 6.4.x before 6.4.2, there is information exposure. Only agents should be able to see and work on shared article drafts. However, a logged in customer was able to see details about shared drafts for their customer tickets in the browser console, which may contain confidential information...
CVE-2025-32359
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not wh...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
PT-2025-15070 · Zammad · Zammad
Name of the Vulnerable Software and Affected Versions: Zammad versions 6.4.0 through 6.4.1 Description: The issue allows an authenticated agent with knowledge base permissions to use the Zammad API to fetch knowledge base content that they have no permission for. Recommendations: For versions 6.4...
CVE-2025-32360
CVE-2025-32360 affects Zammad 6.4.x before 6.4.2, with information exposure allowing a logged-in customer to view details of shared article drafts for their tickets in the browser console and to manipulate them via the API. Root cause: exposure of draft details intended only for agents. Impact: p...
Zammad 安全漏洞
Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in Zammad versions prior to 6.4.2, which stems from client-side enforcement of server-side security and could lead to bypassing a two-factor authentication configuration...
Zammad 安全漏洞
Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in Zammad versions prior to 6.4.2, which stems from a server-side request forgery that could result in a GET request in the local network...