4 matches found
CVE-2020-10100
An issue was discovered in Zammad 3.0 through 3.2. It allows for users to view ticket customer details associated with specific customers. However, the application does not properly implement access controls related to this functionality. As such, users of one company are able to access ticket da...
EUVD-2020-2565
Malware in sbrugna...
EUVD-2023-33405
Malicious code in bioql PyPI...
CVE-2023-29868
Zammad 5.3.x Fixed in 5.4.0 is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions...