Zammad 5.3.x (Fixed 5.4.0) Incorrect Access Control Vulnerability
CVE-2023-29867 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.
Learn more about our Api Penetration Testing.