Vulnerabilities

CVE-2022-40817

by Fred · 27/09/2022

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. However, agents were still wrongly able to perform some operations on such tickets, like adding and removing links, tags. and related answers. This issue has been fixed in 5.2.2.

Date published : 2022-09-27

https://zammad.com/de/advisories/zaa-2022-10

Similar

Tags: Cybersecurity Alert