An issue in Zammad v5.4.0 allows malicious users to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zammad zammad |