Zammad Multiple Security Vulnerabilities
Zammad is prone to the following security vulnerabilities.
1. Multiple security-bypass vulnerabilities
2. Multiple cross-site scripting vulnerabilities
3. A cross-site-request forgery vulnerability
An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication credentials, perform unauthorized actions in the context of the affected application.
Zammad prior to 1.0.4, 1.1.x prior to 1.1.3, and 1.2.x prior to 1.2.1