4 matches found
CVE-2025-43926
An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...
CVE-2025-26844
An issue was discovered in Znuny through 7.1.3. A cookie is set without the HttpOnly flag...
Znuny 安全漏洞
Znuny is a work order system from Znuny, Inc. A security vulnerability exists in Znuny versions prior to 7.1.5 that stems from passwords not being fully masked, which could lead to information disclosure...
Znuny 安全漏洞
Znuny is a work order system from Znuny, Inc. A security vulnerability exists in Znuny versions 6.5.1 through 6.5.10, 7.0.1 through 7.0.16, and 6.0 that originates from a denial-of-service/redo attack that allows parsing of email content via email can result in high CPU usage and block the parsin...