Filtered by vendor Zammad
Subscriptions
Filtered by product Zammad
Subscriptions
Total
72 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-1000154 | 1 Zammad | 1 Zammad | 2024-09-16 | N/A |
| Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in certain cases. This can result in the embedding and execution of java script code on users browser. This attack appear to be exploitable via the victim openning a ticket. This vulnerability appears to have been fixed in 2.3.1, 2.2.2 and 2.1.3. | ||||
| CVE-2023-50455 | 1 Zammad | 1 Zammad | 2024-08-28 | 7.5 High |
| An issue was discovered in Zammad before 6.2.0. Due to lack of rate limiting in the "email address verification" feature, an attacker could send many requests for a known address to cause Denial Of Service (generation of many emails, which would also spam the victim). | ||||
| CVE-2017-6081 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for users with a valid session cookie. | ||||
| CVE-2017-6080 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for users with a valid session cookie and receive the result. | ||||
| CVE-2017-5621 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can be triggered via malicious HTML in a chat message or the content of a ticket article, when using either the REST API or the WebSocket API. | ||||
| CVE-2017-5620 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of executing code in the domain of the application. | ||||
| CVE-2017-5619 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attackers can login with the hashed password itself (e.g., from the DB) instead of the valid password string. | ||||
| CVE-2019-1010018 | 1 Zammad | 1 Zammad | 2024-08-05 | N/A |
| Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. The impact is: Execute java script code on users browser. The component is: web app. The attack vector is: the victim must open a ticket. The fixed version is: 2.3.1, 2.2.2 and 2.1.3. | ||||
| CVE-2020-29158 | 1 Zammad | 1 Zammad | 2024-08-04 | 4.3 Medium |
| An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view. | ||||
| CVE-2020-29159 | 1 Zammad | 1 Zammad | 2024-08-04 | 4.9 Medium |
| An issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behvaior was unintended. | ||||
| CVE-2020-29160 | 1 Zammad | 1 Zammad | 2024-08-04 | 7.5 High |
| An issue was discovered in Zammad before 3.5.1. A REST API call allows an attacker to change Ticket Article data in a way that defeats auditing. | ||||
| CVE-2020-26028 | 1 Zammad | 1 Zammad | 2024-08-04 | 4.9 Medium |
| An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets. | ||||
| CVE-2020-26029 | 1 Zammad | 1 Zammad | 2024-08-04 | 6.5 Medium |
| An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header. | ||||
| CVE-2020-26035 | 1 Zammad | 1 Zammad | 2024-08-04 | 5.4 Medium |
| An issue was discovered in Zammad before 3.4.1. There is Stored XSS via a Tags element in a TIcket. | ||||
| CVE-2020-26031 | 1 Zammad | 1 Zammad | 2024-08-04 | 4.3 Medium |
| An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions). | ||||
| CVE-2020-26033 | 1 Zammad | 1 Zammad | 2024-08-04 | 5.4 Medium |
| An issue was discovered in Zammad before 3.4.1. The Tag and Link REST API endpoints (for add and delete) lack a CSRF token check. | ||||
| CVE-2020-26034 | 1 Zammad | 1 Zammad | 2024-08-04 | 4.3 Medium |
| An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses. The application responds differently depending on whether the input supplied was recognized as associated with a valid user. | ||||
| CVE-2020-26032 | 1 Zammad | 1 Zammad | 2024-08-04 | 7.5 High |
| An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems. | ||||
| CVE-2020-26030 | 1 Zammad | 1 Zammad | 2024-08-04 | 9.8 Critical |
| An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users. | ||||
| CVE-2020-14213 | 1 Zammad | 1 Zammad | 2024-08-04 | 5.4 Medium |
| In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge). | ||||