pkg:Debian/znuny

All known vulnerabilities

• CRITICAL9.8CVE-2025-26846An issue was discovered in Znuny before 7.1.4.
  from 0
• CRITICAL9.8CVE-2025-26845An Eval Injection issue was discovered in Znuny through 7.1.3.
  from 0
• CRITICAL9.8CVE-2025-26844An issue was discovered in Znuny through 7.1.3.
  from 0
• CRITICAL9.8CVE-2024-32491An issue was discovered in Znuny and Znuny LTS 6.0.31 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in user can upload a file…
  from 0
• CRITICAL9.8CVE-2022-4427Improper Input Validation vulnerability in OTRS AG OTRS, OTRS AG ((OTRS)) Community Edition allows SQL Injection via TicketSearch Webservic…
  from 0, < 6.4.5-1
• HIGH8.8CVE-2024-32493An issue was discovered in Znuny LTS 6.5.1 through 6.5.7 and Znuny 7.0.1 through 7.0.16 where a logged-in agent is able to inject SQL in th…
  from 0
• HIGH8.8CVE-2023-38060Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS…
  from 0
• HIGH7.5CVE-2025-26847An issue was discovered in Znuny before 7.1.5.
  from 0
• HIGH7.5CVE-2025-26842An issue was discovered in Znuny through 7.1.3.
  from 0
• HIGH7.5CVE-2024-48938Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email.
  from 0
• MEDIUM6.1CVE-2025-52204A Cross-Site Scripting (XSS) vulnerability exists in Znuny::ITSM 6.5.x in the customer.pl endpoint via the OTRSCustomerInterface parameter
  from 0
• MEDIUM6.1CVE-2025-43926An issue was discovered in Znuny through 6.5.14 and 7.x through 7.1.6.
  from 0
• MEDIUM6.1CVE-2025-3573jquery-validation vulnerable to Cross-site Scripting
  from 0
• MEDIUM6.1CVE-2024-48937Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS.
  from 0
• —CVE-2025-26843(no summary)
  from 0
• —CVE-2025-59490(no summary)
  from 0