2 matches found
Zammad 安全漏洞
Zammad is a suite of ticket management software from the German company Zammad. A security vulnerability exists in Zammad version 5.3.x. The vulnerability stems from vulnerability to faulty access control, where an authenticated attacker with agent and client roles can make unauthorized changes t...
GHSA-FV7X-4HPC-HF9F Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF Cross Style Request Forgery style vulnerability has been found in the Spring 2, Spring 3 and Spring 4 plugins in versions before 1.4.3 and 1.3.3. The vulnerability can result in a...