CVE-2023-50456

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Dec 10, 2023

Updated: Dec 13, 2023

Summary

CVE-2023-50456 is a vulnerability affecting Zammad before version 6.2.0. This issue allows an attacker to craft malicious first or last names that can trigger phishing links in generated notification emails, potentially leading to unintended actions or data breaches. By exploiting this vulnerability, an attacker can deceive users into clicking on malicious links, resulting in serious security risks. This vulnerability underscores the importance of keeping software up-to-date and implementing email security best practices.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/twqJ1Z
https://www.cve.org/CVERecord?id=CVE-2023-50456
https://nvd.nist.gov/vuln/detail/CVE-2023-50456

Back to Vulnerability Database

CVE-2023-50456

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations