CVE-2022-27331

2022-04-2702:47:09

mitre

www.cve.org

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.7%

JSON

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.

References

zammad.com/de/advisories/zaa-2022-02