
We found results for “”
CVE-2021-30492
Date: August 19, 2025
Lack of input validation of the Zendesk subdomain could expose users of the library to Server Side Request Forgery (SSRF). The resolution is to validate the provided Zendesk subdomain to be a valid subdomain in: getAuthUrl getAccessToken Fixed in v2.2.11
Language: PHP
Severity Score
Related Resources (5)
Severity Score
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |