CVE-2017-6081

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 1.0.4 Zammad versions 1.1.x prior to 1.1.3 Zammad versions 1.2.x prior to 1.2.1

Description A CSRF issue was discovered. To exploit the issue, an attacker can send cross-domain requests directly to the REST API for users with a valid session cookie.

Recommendations For versions prior to 1.0.4, update to version 1.0.4 or later. For versions 1.1.x prior to 1.1.3, update to version 1.1.3 or later. For versions 1.2.x prior to 1.2.1, update to version 1.2.1 or later.