A vulnerability was found in Zammad up to 4.0.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component Linked Ticket Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Zammad up to 4.0.0 Linked Ticket access control
- Virtual Patching
- June 29, 2021
- 6:05 am
Contact us to get started
CVE-2023-33553 : PLANET WDRT-1800AX 1.01-CP2 COOKIE LOGINSTATUS IMPROPER AUTHENTICATION
Description An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication and escalate privileges to root via manipulation
CVE-2023-20887 : VMWARE ARIA OPERATIONS FOR NETWORKS 6.X COMMAND INJECTION
Description Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations
CVE-2023-29632 : JMSPAGEBUILDER 3.X ON PRESTASHOP AJAX_JMSPAGEBUILDER.PHP SQL INJECTION
Description PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php. References https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.html For More Information MITRE