Helpdesk Software Hesk allows remote attackers to bypass authentication for (1) admin.php and (2) admin_main.php by modifying the PHPSESSID session ID parameter or cookie.
Software | From | Fixed in |
---|---|---|
helpdesk_software / hesk | 0.92 | 0.92.x |
helpdesk_software / hesk | 0.93 | 0.93.x |