The Helpdesk Pro Plugin prior to 1.4.0 for Joomla! allows remote malicious users to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to {target}/component/helpdeskpro/?view=ticket&id={ticketId}.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
helpdesk pro project helpdesk pro |