Описание
An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions).
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.0.0 (включая) до 3.4.1 (исключая)
cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00129
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 4.3
debian
около 5 лет назад
An issue was discovered in Zammad before 3.4.1. The global-search feat ...
github
больше 3 лет назад
An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions).
EPSS
Процентиль: 33%
0.00129
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-276