Advisories

#	Name	CVE	Severity	Date
ZSA-2024-05	XSS in process management	CVE-2024-48937	low	2024-10-02
ZSA-2024-04	DoS/ReDos via email	CVE-2024-48938	medium	2024-10-02
ZSA-2024-03	SQL Injection	CVE-2024-32493	low	2024-04-17
ZSA-2024-02	Cross Site Scripting (XSS) in the Customer Portal Ticket View	CVE-2024-32492	medium	2024-04-17
ZSA-2024-01	Directory Traversal via File Upload	CVE-2024-32491	high	2024-04-17
ZSA-2023-03	Possible XSS attack via customer user administration	none	low	2023-08-23
ZSA-2023-01	Protocol-relative links display external images (without confirmation)	none	low	2023-06-14
ZSA-2022-07	SQL injection vulnerability in Kernel::System::Ticket::TicketSearch	CVE-2022-4427	medium	2022-12-19
ZSA-2022-06	Possible to execute Perl code in ACLs	pending	medium	2022-06-14
ZSA-2022-05	Possible to execute Perl code in AdminUser	pending	medium	2022-06-14
ZSA-2022-04	Possible to get elevated permissions via Template Toolkit	pending	medium	2022-04-28
ZSA-2022-03	Possible XSS attack via package manager	pending	medium	2022-04-20
ZSA-2022-02	Authenticated remote code execution	pending	medium	2022-04-20
ZSA-2022-01	jQuery UI XSS vulnerabilities	CVE-2021-41182, CVE-2021-41183, CVE-2021-41184	medium	2022-03-09
ZSA-2021-10	Access to calendars without permission	CVE-2021-36091	low	2021-08-05
ZSA-2021-11	XSS Vulnerability	-	low	2021-09-29
ZSA-2021-09	Unauthorized listing of the customer user emails	CVE-2021-21443	low	2021-08-05
ZSA-2021-08	Support bundle includes SMIME / PGP Keys	CVE-2021-21440	medium	2021-08-05
ZSA-2021-07	XSS vulnerability in Time Accounting addon	CVE-2021-21442	medium	2021-08-04
ZSA-2021-06	Critical XSS vulnerability	Pending	high	2021-04-21
ZSA-2021-05	FAQ content can be shown to users without permission	CVE-2021-21438	low	2021-04-21
ZSA-2021-04	XSS vulnerability	CVE-2021-21434	low	2021-03-10
ZSA-2021-03	DoS - denial of service	CVE-Pending	medium	2021-03-10
ZSA-2021-02	ReDoS - Regular expression denial of service	CVE-Pending	medium	2021-01-29
ZSA-2021-01	XSS Vulnerability	CVE-2018-17960	low	2021-01-27