Zammad · Zammad · CVE-2023-31597
**Name of the Vulnerable Software and Affected Versions**
Zammad version 5.4.0
**Description**
An issue in the software allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets.
**Recommendations**
For Zammad version 5.4.0, update to a newer version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.