2 matches found
PT-2024-26886 · Zammad · Zammad
Name of the Vulnerable Software and Affected Versions: Zammad versions prior to 6.3.1 Description: A Ruby gem bundled by Zammad is installed with world-writable file permissions, allowing a local attacker on the server to modify the gem's files and inject arbitrary code into Zammad processes. The...
PT-2021-4696
Name of the Vulnerable Software and Affected Versions RDoc versions 3.11 through 6.x before 6.3.1 Description The issue is related to the RDoc documentation generator for the Ruby programming language, where it fails to properly sanitize data. This can be exploited to execute arbitrary code via |...