3 matches found
CVE-2020-26028
An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket. permission can access Tickets...
CVE-2020-26028
An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket. permission can access Tickets...
DEBIAN-CVE-2012-4733
Request Tracker RT 4.x before 4.0.13 does not properly enforce the DeleteTicket and "custom lifecycle transition" permission, which allows remote authenticated users with the ModifyTicket permission to delete tickets via unspecified vectors...