CVE-2020-11466

An issue was discovered in Deskpro before 2019.8.0. The /api/tickets endpoint failed to properly validate a user's privilege, allowing an attacker to retrieve arbitrary information about all helpdesk tickets stored in database with numerous filters. This leaked sensitive information to unauthoriz...

Unspecified Vulnerability in Deskpro (CNVD-2020-22254)

Deskpro is a helpdesk software solution that helps companies manage communication with their customers and user base across multiple channels. Deskpro has a security vulnerability that can be exploited by an attacker to leak ticket authentication code, which can be used to make changes to tickets...