SQL injection vulnerability found in Zendesk Explorer by VTL (Varonis Threat Labs). "There is no evidence that any Zendesk Explore customer accounts were exploited, and Zendesk started working on a fix the same day it was reported. The company fixed multiple bugs in less than one workweek with zero customer action required.
Before it was patched, the flaw would have allowed threat actors to access conversations, email addresses, tickets, comments, and other information from Zendesk accounts with Explore enabled." VTL wrote in his post.
Zendesk Explore for reporting and analytics is designed to analyze, understand, and share business information. Explore provides powerful, built-in reports that view and analyze key information about customers, and support resources. When you need reports that are tailored to unique needs, you can use the tools in Explore to build own reports.
Once report is ready, Explore helps you to share and collaborate on it with others. Reports can be shared on a one-time, or recurring basis to anyone in organization and with some plans, to individuals who are not part of support team.
No comments:
Post a Comment