Skip to main content

Zammad

84 CVEs product

Monthly

CVE-2026-34837 MEDIUM PATCH This Month

Zammad versions prior to 7.0.1 fail to validate user authorization for context data supplied to the REST endpoint POST /api/v1/ai_assistance/text_tools/:id, allowing authenticated agents to access and leak unauthorized information (such as group or organization data) through AI prompt injection. The vulnerability requires the attacker to possess ticket.agent permission but does not require additional user interaction; no public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Zammad
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-34782 MEDIUM PATCH This Month

Bypass of access controls in Zammad REST API endpoint POST /api/v1/ai_assistance/text_tools/:id allows authenticated users to utilize AI text tools without proper privilege verification in versions prior to 7.0.1 and 6.5.4. An authenticated attacker can invoke AI assistance features regardless of their assigned permissions, leading to unauthorized consumption of text tool functionality and potential information disclosure through unrestricted tool access.

Authentication Bypass Zammad
NVD GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-34724 HIGH PATCH This Week

Remote code execution in Zammad 7.0.0 allows authenticated administrators with high-level privileges to inject malicious server-side templates through AI Agent configuration parameters, leading to arbitrary code execution on the helpdesk server. Exploitation requires administrative access to control type_enrichment_data settings and user interaction. Vendor-released patch version 7.0.1 is available. EPSS score of 0.04% indicates low exploitation probability in the wild; no public exploit identified at time of analysis.

RCE Code Injection Zammad
NVD GitHub
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-34723 HIGH PATCH This Week

Unauthenticated remote information disclosure in Zammad helpdesk system versions before 7.0.1 and 6.5.4 allows attackers to access sensitive internal entity data through exposed getting started endpoint. The vulnerability bypasses authentication controls, enabling unauthorized access to confidential system information post-setup. Attack vector is network-based with low complexity requiring no user interaction. No public exploit identified at time of analysis. CVSS 8.7 reflects high confidentiality impact.

Authentication Bypass Zammad
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2026-34722 MEDIUM PATCH This Month

Unauthenticated attackers can bypass authorization on Zammad's ticket creation endpoint when using the link parameter, allowing unauthorized ticket creation and modification in affected versions prior to 6.5.4 and 7.0.1. This authentication bypass (CWE-862) affects all versions of Zammad before the patched releases and requires only network access with no user interaction or special complexity.

Authentication Bypass Zammad
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-34720 LOW PATCH Monitor

Zammad prior to versions 7.0.1 and 6.5.4 fails to validate that Single Sign-On (SSO) headers originate from trusted proxy/gateway sources before processing them, allowing authenticated attackers with particular preconditions to cause limited information disclosure. The vulnerability requires authentication, high attack complexity, and specific preconditions (AT:P in CVSS 4.0 vector), resulting in a low real-world risk profile despite network accessibility.

Information Disclosure Zammad
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-34719 HIGH PATCH This Week

Server-side request forgery in Zammad webhook implementation allows authenticated administrators to retrieve confidential cloud provider metadata by exploiting insufficient validation of loopback and link-local addresses. Affects versions before 7.0.1 and 6.5.4. Attackers with privileged access can configure malicious webhook URLs targeting internal infrastructure endpoints, bypassing intended URL scheme restrictions. No public exploit identified at time of analysis. CVSS 8.3 reflects high confidentiality and availability impacts on vulnerable and subsequent systems.

SSRF Zammad
NVD GitHub VulDB
CVSS 4.0
8.3
EPSS
0.0%
CVE-2026-34718 MEDIUM PATCH This Month

Improper HTML sanitization in Zammad ticket article processing prior to versions 7.0.1 and 6.5.4 allows unauthenticated remote attackers to inject malicious data URI schemes that persist in the database, potentially enabling stored cross-site scripting (XSS) attacks. While current Content Security Policy mitigations prevent immediate harm from link clicks, the vulnerability represents a persistent data integrity issue and stored XSS vector that could be exploited if CSP rules are modified or bypassed. No public exploit code has been identified, but the vulnerability affects all instances running unpatched versions.

XSS Zammad
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-34248 LOW PATCH Monitor

Zammad prior to 7.0.1 improperly discloses internal ticket fields to customers within shared organizations, allowing them to view restricted fields such as priority and custom internal attributes when accessing tickets from other organization members. This information disclosure vulnerability requires customer-level authentication and user interaction to exploit, and has a very low CVSS score of 2.1 reflecting minimal confidentiality impact with no ability to modify exposed data.

Authentication Bypass Zammad
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-32360 MEDIUM This Month

In Zammad 6.4.x before 6.4.2, there is information exposure. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2025-32359 MEDIUM This Month

In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.8
EPSS
0.1%
CVE-2025-32358 MEDIUM This Month

In Zammad 6.4.x before 6.4.2, SSRF can occur. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SSRF Zammad
NVD
CVSS 3.1
4.0
EPSS
0.2%
CVE-2025-32357 MEDIUM This Month

In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-55578 MEDIUM This Month

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-36078 MEDIUM This Month

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Zammad
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2024-33668 CRITICAL Act Now

An issue was discovered in Zammad before 6.3.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
9.1
EPSS
0.4%
CVE-2024-33667 MEDIUM This Month

An issue was discovered in Zammad before 6.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Zammad
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-33666 HIGH This Week

An issue was discovered in Zammad before 6.3.0. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
8.6
EPSS
0.5%
CVE-2023-50457 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2023-50456 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Zammad
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-50455 HIGH This Week

An issue was discovered in Zammad before 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-50454 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.9
EPSS
0.3%
CVE-2023-50453 MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-31597 MEDIUM PATCH This Month

An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Zammad
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2023-29868 MEDIUM This Month

Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2023-29867 MEDIUM This Month

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2022-40817 MEDIUM This Month

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.4%
CVE-2022-40816 MEDIUM This Month

Zammad 5.2.1 is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-35490 CRITICAL Act Now

Zammad 5.2.0 is vulnerable to privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Zammad
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-35489 MEDIUM This Month

In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizations of the system rather than only those to which they are assigned. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-35488 HIGH This Week

In Zammad 5.2.0, an attacker could manipulate the rate limiting in the 'forgot password' feature of Zammad, and thereby send many requests for a known account to cause Denial Of Service by many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-35487 HIGH This Week

Zammad 5.2.0 suffers from Incorrect Access Control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-29701 HIGH PATCH This Week

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-29700 HIGH PATCH This Week

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Brute Force Zammad
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-27332 CRITICAL PATCH Act Now

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Denial Of Service Authentication Bypass Zammad
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2022-27331 MEDIUM PATCH This Month

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-42137 MEDIUM This Month

An issue was discovered in Zammad before 5.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2021-42091 CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab SSRF Zammad
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2021-42090 CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Zammad
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-42089 HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-42088 MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-42087 MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2021-42086 HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2021-42085 MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-42084 MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2021-42094 CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Zammad
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2021-42093 HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2021-42092 MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2021-35303 MEDIUM This Month

Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-35302 MEDIUM This Month

Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-35301 MEDIUM This Month

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information via the Ticket Article detail view. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
1.2%
CVE-2021-35300 MEDIUM PATCH This Month

Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Zammad
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2021-35299 HIGH This Week

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive information via email connection configuration probing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2021-35298 MEDIUM This Month

Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via multiple models that contain a 'note' field to store additional information. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
6.1
EPSS
1.1%
CVE-2020-29160 HIGH PATCH This Week

An issue was discovered in Zammad before 3.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2020-29159 MEDIUM PATCH This Month

An issue was discovered in Zammad before 3.5.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zammad
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-29158 MEDIUM PATCH This Month

An issue was discovered in Zammad before 3.5.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-26035 MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-26034 MEDIUM This Month

An account-enumeration issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2020-26033 MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2020-26032 HIGH This Week

An SSRF issue was discovered in Zammad before 3.4.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Zammad
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-26031 MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Zammad
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2020-26030 CRITICAL Act Now

An issue was discovered in Zammad before 3.4.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-26029 MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-26028 MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2020-14214 MEDIUM PATCH This Month

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Zammad
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-14213 MEDIUM PATCH This Month

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-10105 MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-10104 MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Zammad
NVD
CVSS 3.1
4.3
EPSS
0.8%
CVE-2020-10103 MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-10102 MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2020-10101 HIGH PATCH This Week

An issue was discovered in Zammad 3.0 through 3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Zammad
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2020-10100 MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zammad
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-10099 MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-10098 MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zammad
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2020-10097 MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Zammad
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-10096 HIGH PATCH This Week

An issue was discovered in Zammad 3.0 through 3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Zammad
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2019-1010018 MEDIUM PATCH This Month

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Java Zammad
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-1000154 MEDIUM This Month

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java XSS Zammad
NVD GitHub
CVSS 3.0
6.1
EPSS
1.6%
CVE-2017-6081 HIGH This Week

A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2017-6080 CRITICAL Act Now

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2017-5621 MEDIUM This Month

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5620 MEDIUM This Month

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2017-5619 CRITICAL Act Now

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
CVSS 3.0
9.8
EPSS
0.4%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Zammad versions prior to 7.0.1 fail to validate user authorization for context data supplied to the REST endpoint POST /api/v1/ai_assistance/text_tools/:id, allowing authenticated agents to access and leak unauthorized information (such as group or organization data) through AI prompt injection. The vulnerability requires the attacker to possess ticket.agent permission but does not require additional user interaction; no public exploit code or active exploitation has been identified at the time of analysis.

Authentication Bypass Zammad
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Bypass of access controls in Zammad REST API endpoint POST /api/v1/ai_assistance/text_tools/:id allows authenticated users to utilize AI text tools without proper privilege verification in versions prior to 7.0.1 and 6.5.4. An authenticated attacker can invoke AI assistance features regardless of their assigned permissions, leading to unauthorized consumption of text tool functionality and potential information disclosure through unrestricted tool access.

Authentication Bypass Zammad
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Remote code execution in Zammad 7.0.0 allows authenticated administrators with high-level privileges to inject malicious server-side templates through AI Agent configuration parameters, leading to arbitrary code execution on the helpdesk server. Exploitation requires administrative access to control type_enrichment_data settings and user interaction. Vendor-released patch version 7.0.1 is available. EPSS score of 0.04% indicates low exploitation probability in the wild; no public exploit identified at time of analysis.

RCE Code Injection Zammad
NVD GitHub
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Unauthenticated remote information disclosure in Zammad helpdesk system versions before 7.0.1 and 6.5.4 allows attackers to access sensitive internal entity data through exposed getting started endpoint. The vulnerability bypasses authentication controls, enabling unauthorized access to confidential system information post-setup. Attack vector is network-based with low complexity requiring no user interaction. No public exploit identified at time of analysis. CVSS 8.7 reflects high confidentiality impact.

Authentication Bypass Zammad
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Unauthenticated attackers can bypass authorization on Zammad's ticket creation endpoint when using the link parameter, allowing unauthorized ticket creation and modification in affected versions prior to 6.5.4 and 7.0.1. This authentication bypass (CWE-862) affects all versions of Zammad before the patched releases and requires only network access with no user interaction or special complexity.

Authentication Bypass Zammad
NVD GitHub VulDB
EPSS 0% CVSS 2.3
LOW PATCH Monitor

Zammad prior to versions 7.0.1 and 6.5.4 fails to validate that Single Sign-On (SSO) headers originate from trusted proxy/gateway sources before processing them, allowing authenticated attackers with particular preconditions to cause limited information disclosure. The vulnerability requires authentication, high attack complexity, and specific preconditions (AT:P in CVSS 4.0 vector), resulting in a low real-world risk profile despite network accessibility.

Information Disclosure Zammad
NVD GitHub VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Server-side request forgery in Zammad webhook implementation allows authenticated administrators to retrieve confidential cloud provider metadata by exploiting insufficient validation of loopback and link-local addresses. Affects versions before 7.0.1 and 6.5.4. Attackers with privileged access can configure malicious webhook URLs targeting internal infrastructure endpoints, bypassing intended URL scheme restrictions. No public exploit identified at time of analysis. CVSS 8.3 reflects high confidentiality and availability impacts on vulnerable and subsequent systems.

SSRF Zammad
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Improper HTML sanitization in Zammad ticket article processing prior to versions 7.0.1 and 6.5.4 allows unauthenticated remote attackers to inject malicious data URI schemes that persist in the database, potentially enabling stored cross-site scripting (XSS) attacks. While current Content Security Policy mitigations prevent immediate harm from link clicks, the vulnerability represents a persistent data integrity issue and stored XSS vector that could be exploited if CSP rules are modified or bypassed. No public exploit code has been identified, but the vulnerability affects all instances running unpatched versions.

XSS Zammad
NVD GitHub VulDB
EPSS 0% CVSS 2.1
LOW PATCH Monitor

Zammad prior to 7.0.1 improperly discloses internal ticket fields to customers within shared organizations, allowing them to view restricted fields such as priority and custom internal attributes when accessing tickets from other organization members. This information disclosure vulnerability requires customer-level authentication and user interaction to exploit, and has a very low CVSS score of 2.1 reflecting minimal confidentiality impact with no ability to modify exposed data.

Authentication Bypass Zammad
NVD GitHub VulDB
EPSS 0% CVSS 4.2
MEDIUM This Month

In Zammad 6.4.x before 6.4.2, there is information exposure. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

In Zammad 6.4.x before 6.4.2, SSRF can occur. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SSRF Zammad
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to use the Zammad API to fetch knowledge base content that they have no permission for. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Zammad before 6.4.1 places sensitive data (such as auth_microsoft_office365_credentials and application_secret) in log files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Code Injection RCE Zammad
NVD
EPSS 0% CVSS 9.1
CRITICAL Act Now

An issue was discovered in Zammad before 6.3.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Zammad before 6.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Zammad
NVD
EPSS 1% CVSS 8.6
HIGH This Week

An issue was discovered in Zammad before 6.3.0. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Zammad before 6.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
EPSS 0% CVSS 5.9
MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered in Zammad before 6.2.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Zammad 5.2.1 is vulnerable to Incorrect Access Control. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Zammad 5.2.0 is vulnerable to privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizations of the system rather than only those to which they are assigned. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In Zammad 5.2.0, an attacker could manipulate the rate limiting in the 'forgot password' feature of Zammad, and thereby send many requests for a known account to cause Denial Of Service by many. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Zammad 5.2.0 suffers from Incorrect Access Control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Zammad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Brute Force Zammad
NVD
EPSS 1% CVSS 9.1
CRITICAL PATCH Act Now

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Denial Of Service Authentication Bypass Zammad
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Resource to Wrong Sphere vulnerability could allow attackers to access resources from an unintended security context.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

An issue was discovered in Zammad before 5.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab SSRF Zammad
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Zammad
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Zammad before 4.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Zammad
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An issue was discovered in Zammad before 4.1.1. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

An issue was discovered in Zammad before 4.1.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via the User Avatar attribute. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information via the Ticket Article detail view. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

Text injection/Content Spoofing in 404 page in Zammad 1.0.x up to 4.0.0 could allow remote attackers to manipulate users into visiting the attackers' page. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive information via email connection configuration probing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross Site Scripting (XSS) in Zammad 1.0.x up to 4.0.0 allows remote attackers to execute arbitrary web script or HTML via multiple models that contain a 'note' field to store additional information. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Zammad before 3.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

An issue was discovered in Zammad before 3.5.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zammad
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in Zammad before 3.5.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An account-enumeration issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zammad
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An SSRF issue was discovered in Zammad before 3.4.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Zammad
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Zammad
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Zammad before 3.4.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An issue was discovered in Zammad before 3.4.1. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Zammad
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Zammad
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Information Disclosure Zammad
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Authentication Bypass Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS File Upload Zammad
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Zammad 3.0 through 3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Zammad
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zammad
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An XSS issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zammad
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

An issue was discovered in Zammad 3.0 through 3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in Zammad 3.0 through 3.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Zammad
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Scripting (XSS) - CWE-80. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Java Zammad
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM This Month

Zammad GmbH Zammad version 2.3.0 and earlier contains a Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java XSS Zammad
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Zammad
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zammad
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Zammad
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy