An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of the privilege requirement for viewing a list of tickets that shows title, state, etc.
References
Link | Resource |
---|---|
https://zammad.com/en/advisories/zaa-2021-19 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-10-11T04:02:32
Updated: 2021-10-11T04:02:32
Reserved: 2021-10-11T00:00:00
Link: CVE-2021-42137
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-11T05:15:06.510
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-42137
JSON object: View
Redhat Information
No data.
CWE