From the screenshot, the following key information about the vulnerability can be obtained: ID: ZAA-2021-15 Date: October 5, 2021 Title: API leaks application secret Severity: Medium Product: Zammad 1.0.x up to 4.1.0 Fixed in: Zammad 4.1.1, 5.0.0 CVE: CVE-2021-42087 Vulnerability Description Zammad generates a random application secret for any installation. This application secret is only used application internally for various functionalities (e.g. the website Form) to ensure security. However, the application secret is leaked via the API to authenticated admin users. Recommended Resolution This vulnerability is fixed in the latest versions of Zammad, and it is recommended to upgrade to one of these. Fixed releases can be found at: https://zammad.org/ https://ftp.zammad.com/ Or just update your Zammad if installed via OS package manager.