Zabi_Ullah

**Name of the Vulnerable Software and Affected Versions** chatwoot versions prior to 4.11.1 **Description** A security issue exists in chatwoot that allows for improper authorization. This occurs through manipulation of the `signupEnabled` argument with the input `true` within an unknown function of the `/app/login` file in the Signup Endpoint component. The issue can be exploited remotely. The exploit has been publicly disclosed. The vendor was contacted but did not respond. **Recommendations** Update to a version later than 4.11.1.