2 matches found
CVE-2020-11465
An issue was discovered in Deskpro before 2019.8.0. The /api/apps/ endpoints failed to properly validate a user's privilege, allowing an attacker to control/install helpdesk applications and leak current applications' configurations, including applications used as user sources used for...
CVE-2020-11465
Summary: CVE-2020-11465 affects Deskpro before 2019.8.0. The /api/apps/* endpoints did not properly validate a user’s privileges, enabling an attacker to control/install helpdesk applications and leak current configurations—including apps used as user sources for authentication—and to forge authe...