Open Issues Need Help
View All on GitHub Require a valid auth token before allowing 2FA modifications about 1 month ago
AI Summary: Investigate if the Zimbra 2FA extension is vulnerable to the security issue described in ZCS NE 10.1.10 (requiring a valid auth token before 2FA modifications). If vulnerable, implement the necessary fix to ensure unauthorized changes are prevented. Consider potential impacts on other Zimbra components due to the security fix and Zimbra's embargo on commits.
Complexity:
4/5
bug help wanted