Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/10 12:21 a.m.18 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

6.1CVSS7AI score0.00202EPSS
Exploits0References1
NVD
NVD
added 2025/05/08 4:15 p.m.30 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

6.1CVSS0.00202EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/05/08 4:15 p.m.8 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

6.1CVSS6AI score0.00202EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/08 12:0 a.m.17 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/08 12:0 a.m.7 views

CVE-2025-43926

An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6. Custom AJAX calls to the AgentPreferences UpdateAJAX subaction can be used to set user preferences with arbitrary keys. When fetching user data via GetUserData, these keys and values are retrieved and given as a whole to other...

6.3AI score0.00202EPSS
Exploits0References2
CVE
CVE
added 2025/05/08 12:0 a.m.60 views

CVE-2025-43926

Znuny vulnerability CVE-2025-43926 affects versions 6.5.14 and 7.x up to 7.1.6. The issue arises from Custom AJAX calls to AgentPreferences UpdateAJAX, allowing arbitrary keys to be set as user preferences. When GetUserData fetches data, these keys/values are passed to other function calls and ma...

6.1CVSS6.6AI score0.00202EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder