Filtered by vendor Znuny
Subscribe
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26845 | 1 Znuny | 1 Znuny | 2025-05-16 | N/A | 9.8 CRITICAL |
| An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script. | |||||
| CVE-2025-26847 | 1 Znuny | 1 Znuny | 2025-05-16 | N/A | 7.5 HIGH |
| An issue was discovered in Znuny before 7.1.5. When generating a support bundle, not all passwords are masked. | |||||
| CVE-2024-48938 | 1 Znuny | 1 Znuny | 2025-03-14 | N/A | 7.5 HIGH |
| Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email. Parsing the content of emails where HTML code is copied from Microsoft Word could lead to high CPU usage and block the parsing process. | |||||
| CVE-2024-48937 | 1 Znuny | 1 Znuny | 2025-03-13 | N/A | 6.1 MEDIUM |
| Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed. | |||||