Security Advisory

CVE-2020-26034

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-28 07:56:33

Last updated 2024-08-04 15:49:06

Assigner mitre

State PUBLISHED

Description

An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses. The application responds differently depending on whether the input supplied was recognized as associated with a valid user.

← Browse all CVEs View on cve.org ↗