CVE-2023-29867
Summary
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- LOW
- HIGH
- NONE
References
Advisory Timeline
- Published