Sensitive Information Disclosure in Zammad 1.0.x up to 4.0.0 via Ticket Article Detail View

Sensitive Information Disclosure in Zammad 1.0.x up to 4.0.0 via Ticket Article Detail View

CVE-2021-35301 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive information via the Ticket Article detail view.

Learn more about our Web Application Penetration Testing UK.