Количество 3
Количество 3
CVE-2020-26030
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users.
CVE-2020-26030
An issue was discovered in Zammad before 3.4.1. There is an authentica ...
GHSA-7wgm-v99f-436j
An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-26030 An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users. | CVSS3: 9.8 | 0% Низкий | около 5 лет назад |
| CVE-2020-26030 An issue was discovered in Zammad before 3.4.1. There is an authentica ... | CVSS3: 9.8 | 0% Низкий | около 5 лет назад |
| GHSA-7wgm-v99f-436j An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create a valid and authenticated session that can be used to perform any actions in the name of other users. | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу