CVE-2024-33666

Published: 2024-04-26T01:15Z

Last Modified: 2025-04-15T16:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt