Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the User. An attacker can use this to request any URL via a GET request from the network interface of the server. This may lead to disclosure of information from intranet systems.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zammad 代码问题漏洞
Vulnerability Description
Zammad是德国Zammad公司的一套票务管理软件。 Zammad 3.4.1之前版本存在代码问题漏洞,该漏洞源于Massenversand的SMS配置接口的实现方式是将测试请求的结果呈现给用户。攻击者可利用该漏洞可以使用它通过服务器网络接口的GET请求来请求任何URL。这可能导致内部网系统的信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A