Go modules package
github.com/abhinavxd/libredesk
pkg:golang/github.com/abhinavxd/libredesk
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-26957 | — | < 1.0.2-0.20260215211005-727213631ce6 | 1.0.2-0.20260215211005-727213631ce6 | Feb 20, 2026 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: Upon further research, the maintainer determined that the behavior described by the CVE record is intended behavior. Per the GitHub Security Advisory: "Libredesk is a single-tenant, self-hos | ||
| CVE-2025-68927 | — | < 0.8.6-beta | 0.8.6-beta | Dec 27, 2025 | Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/{id}/notes, the backend automatically wraps user input in tags. However, b |
- CVE-2026-26957Feb 20, 2026affected < 1.0.2-0.20260215211005-727213631ce6fixed 1.0.2-0.20260215211005-727213631ce6
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: Upon further research, the maintainer determined that the behavior described by the CVE record is intended behavior. Per the GitHub Security Advisory: "Libredesk is a single-tenant, self-hos
- CVE-2025-68927Dec 27, 2025affected < 0.8.6-betafixed 0.8.6-beta
Libredesk is a self-hosted customer support desk. Prior to version 0.8.6-beta, LibreDesk is vulnerable to stored HTML injection in the contact notes feature. When adding notes via POST /api/v1/contacts/{id}/notes, the backend automatically wraps user input in tags. However, b