Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Zammad before 6.2.0. It uses the public endpoint /api/v1/signshow for its login screen. This endpoint returns internal configuration data of user object attributes, such as selectable values, which should not be visible to the public.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zammad 安全漏洞
Vulnerability Description
Zammad是德国Zammad公司的一套票务管理软件。 Zammad 6.2.0之前版本存在安全漏洞,该漏洞源于使用公共端点 /api/v1/signshow 作为其登录屏幕,此端点会返回用户对象属性的内部配置数据。
CVSS Information
N/A
Vulnerability Type
N/A