API Security Blog

Zammad Information Disclosure Vulnerability (CNVD-2023-9769727)

Zammad is a ticket management software suite from the German company Zammad. Zammad suffers from an information disclosure vulnerability that stems from the public endpoint /api/v1/signshow, used for its login screen, which returns internal configuration data for user object attributes. An attacker could exploit this vulnerability to obtain sensitive…
