6 matches found
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
CVE-2025-32357
creationtimestamp| type| source ---|---|--- 2025-04-05 21:37:55+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10615 2025-04-06 01:07:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lm4ayjowzv2b 2025-04-06 01:46:47+00:00| seen| https://t.me/cvedetector/22201...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
CVE-2025-32357
The CVE-2025-32357 entry affects Zammad versions 6.4.x before 6.4.2. An authenticated agent with knowledge base permissions can use the Zammad API to fetch knowledge base content they are not authorized to access, indicating an API permission bypass vulnerability with potential information disclo...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...
CVE-2025-32357
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for...