Podatność CVE-2023-50457
Publikacja: 2023-12-10   Modyfikacja: 2023-12-14

Opis:
An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.

Typ:

CWE-863

 (Incorrect Authorization)

Affected software
Zammad -> Zammad 

 Referencje:
https://zammad.com/en/advisories/zaa-2023-05
Copyright 2024, cxsecurity.com

 

Back to Top