Github.Com/Abhinavxd/Libredesk
Approved changes feed: RSS · Atom
cpe:2.3:a:abhinavxd:github.com/abhinavxd/libredesk:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Abhinavxd (e268cefc-1b5f-5c78-9835-0aa808a2db43) |
|---|---|
| Product | Github.Com/Abhinavxd/Libredesk (99c8d7e1-16a4-5465-a0b2-4d7f899c5ba1) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-26957 |
vulnerable | 2026-06-03 15:18:05.830955 |
Libredesk has an SSRF Vulnerability via Webhooks
Libredesk is a self-hosted customer support desk application. Versions prior to 1.0.2-0.20260215211005-727213631ce6 fail to validate destination URLs for webhooks, allowing an attacker posing as an authenticated "Application Admin" to force the server to make HTTP requests to arbitrary internal destinations. This could compromise the underlying cloud infrastructure or internal corporate network where the service is hosted. This issue has been fixed in version 1.0.2-0.20260215211005-727213631ce6.
Published: 2026-02-19T23:30:48.166Z
Updated: 2026-02-20T15:36:49.120Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.