Описание
An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zammad:zammad:6.1.0:-:*:*:*:*:*:*
cpe:2.3:a:zammad:zammad:6.1.0:alpha:*:*:*:*:*:*
cpe:2.3:a:zammad:zammad:6.2.0:alpha:*:*:*:*:*:*
EPSS
Процентиль: 33%
0.00134
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 4.3
debian
около 2 лет назад
An issue was discovered in Zammad before 6.2.0. When listing tickets l ...
CVSS3: 4.3
github
около 2 лет назад
An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.
EPSS
Процентиль: 33%
0.00134
Низкий
4.3 Medium
CVSS3
Дефекты
CWE-863