Zammad is a suite of ticket management software from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the use of the public endpoint /api/v1/signshow as its login screen, which returns internal configuration data for user object attributes. An attacker could exploit this vulnerability to obtain sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
zammad zammad | eq | 6.1.0 |