VYPR

Packagist (Composer) package

zendesk/zendesk_api_client_php

pkg:composer/zendesk/zendesk_api_client_php

Vulnerabilities (1)

  • CVE-2021-30492criApr 29, 2021
    affected < 2.2.11fixed 2.2.11

    ### Impact Lack of input validation of the Zendesk subdomain could expose users of the library to Server Side Request Forgery (SSRF). ### Resolution Validate the provided Zendesk subdomain to be a valid subdomain in: * getAuthUrl * getAccessToken