VYPR

Go modules package

github.com/abhinavxd/libredesk

pkg:golang/github.com/abhinavxd/libredesk

Vulnerabilities (2)

  • CVE-2026-26957Feb 20, 2026
    affected < 1.0.2-0.20260215211005-727213631ce6fixed 1.0.2-0.20260215211005-727213631ce6

    Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: Upon further research, the maintainer determined that the behavior described by the CVE record is intended behavior. Per the GitHub Security Advisory: "Libredesk is a single-tenant, self-hos

  • CVE-2025-68927Dec 27, 2025
    affected < 0.8.6-betafixed 0.8.6-beta

    Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/{id}/notes, the backend automatically wraps user input in tags. However, b