Security Advisory

CVE-2020-26029

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-28 07:57:36

Last updated 2024-08-04 15:49:07

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the one given in the X-On-Behalf-Of header.

← Browse all CVEs View on cve.org ↗