Powrót

Podatność ZAA-2020-17

Kategorie

Security Advisory Details

  • ID: ZAA-2020-17
  • Date: 09/22/2020
  • Title: Tag and Link REST API endpoints lack CSRF token check
  • Severity: low
  • Product: Zammad 1.0.x up to 3.4.0
  • Fixed in: Zammad 3.4.1, 3.5.0
  • References:
    –> CVE: Pending

Online version of this advisory: https://zammad.com/en/advisories/zaa-2020-17

Zobacz po przeczytaniu jeszcze

Podatność CVE-2020-1179 (RCE)
2020-12-08
Alcatel-Lucent Security Advisory: CVE-2020-1179 (RCE)OTMS remote code executionI have discovered a vulnerability in OpenTouch Multimedia Services, making it possible for an attacker with administration rights to execute code on the server via web requests with high privileges. Description of the…
Czytaj dalej
Podatność ZAA-2020-15
2020-11-18
Security Advisory Details ID: ZAA-2020-15 Date: 09/22/2020 Title: Application Functionality Can Be Used to perform Server-Side Request Forgery Severity: medium Product: Zammad 1.0.x up to 3.4.0 Fixed in: Zammad 3.4.1, 3.5.0 References: –> CVE: Pending Online version of this advisory: https://zammad.com/en/advisories/zaa-2020-15
Czytaj dalej
Podatność ZAA-2020-21
2020-12-08
Security Advisory Details ID: ZAA-2020-21 Date: 09/22/2020 Title: Stored XSS in Tags element Severity: medium Product: Zammad 1.0.x up to 3.4.0 Fixed in: Zammad 3.4.1, 3.5.0 References: –> CVE: Pending Online version of this advisory: https://zammad.com/en/advisories/zaa-2020-21
Czytaj dalej