Vulnerability CVE-2023-50457
Published: 2023-12-10   Modified: 2023-12-14

Description:
An issue was discovered in Zammad before 6.2.0. When listing tickets linked to a knowledge base answer, or knowledge base answers of a ticket, a user could see entries for which they lack permissions.

Type:

CWE-863

 (Incorrect Authorization)

Affected software
Zammad -> Zammad 

 References:
https://zammad.com/en/advisories/zaa-2023-05
Copyright 2024, cxsecurity.com

 

Back to Top