Количество 3
Количество 3
CVE-2025-32359
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not when using the API directly.
CVE-2025-32359
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of serv ...
GHSA-g3qr-3fvc-4fm6
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not when using the API directly.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-32359 In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not when using the API directly. | CVSS3: 4.8 | 0% Низкий | 10 месяцев назад |
| CVE-2025-32359 In Zammad 6.4.x before 6.4.2, there is client-side enforcement of serv ... | CVSS3: 4.8 | 0% Низкий | 10 месяцев назад |
| GHSA-g3qr-3fvc-4fm6 In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When changing their two factor authentication configuration, users need to re-authenticate with their current password first. However, this change was enforced in Zammad only on the front end level, and not when using the API directly. | CVSS3: 4.8 | 0% Низкий | 10 месяцев назад |
Уязвимостей на страницу