CVE-2020-10104

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-10104
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-10104.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-10104
Published
2020-03-05T01:15:12Z
Modified
2024-05-29T22:41:40Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Zammad 3.0 through 3.2. After authentication, it transmits sensitive information to the user that may be compromised and used by an attacker to gain unauthorized access. Hashed passwords are returned to the user when visiting a certain URL.

References

Affected packages

Git / github.com/zammad/zammad

Affected ranges

Type
GIT
Repo
https://github.com/zammad/zammad
Events