CVE-2023-50455

Name of the Vulnerable Software and Affected Versions Zammad versions prior to 6.2.0

Description An issue was discovered due to a lack of rate limiting in the "email address verification" feature. This allows an attacker to send many requests for a known address, causing Denial Of Service by generating many emails, which would also spam the victim.

Recommendations For versions prior to 6.2.0, update to version 6.2.0 or later to resolve the issue. As a temporary workaround, consider implementing rate limiting on the "email address verification" feature to prevent abuse. Restrict access to this feature to minimize the risk of exploitation.