Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing, because Cc fields are extracted from incoming e-mail messages and used to grant additional authorization for ticket viewing, the mechanism for detecting spoofed e-mail messages is insufficient, and the support e-mail addresses associated with individual tickets are predictable.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zendesk 安全漏洞
Vulnerability Description
Zendesk是美国Zendesk公司的一个完整的客户服务解决方案。 Zendesk 2024-07-02之前版本存在安全漏洞,该漏洞源于处理电子邮件时从传入的电子邮件消息中提取抄送字段来授予额外的票证查看权限的方式不足,无法正确检测伪造的电子邮件消息。
CVSS Information
N/A
Vulnerability Type
N/A