CVE-2023-31597 Information

Description

An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets.

Reference

https://zammad.com/de/advisories/zaa-2023-03