Users login

Create an account »

JOIN XATRIX

Users login

Home » CVE Vulnerabilities » CVE-2017-6080

CVE-2017-6080 An issue was discovered in Zammad

  • CVE ID: CVE-2017-6080
  • Vendors: Zammad
  • Date: March 13, 2017
  • Severity: High
  • Impact score: 6.40
  • Exploit score: 10.00

An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. To exploit the vulnerability, an attacker can send cross-domain requests directly to the REST API for users with a valid session cookie and receive the result.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »