VYPR
Vendor

Zendesk

Products
5
CVEs
4
Across products
4
Status
Private

Products

5

Recent CVEs

4
  • CVE-2024-42363HigAug 20, 2024
    risk 0.50cvss 8.8epss 0.01

    Prior to 3385, the user-controlled role parameter enters the application in the Kubernetes::RoleVerificationsController. The role parameter flows into the RoleConfigFile initializer and then into the Kubernetes::Util.parse_file method where it is unsafely deserialized using the…

  • CVE-2019-25263MedFeb 3, 2026
    risk 0.42cvss 6.4epss 0.00

    Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey…

  • CVE-2023-23716MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.01

    Missing Authorization vulnerability in Zendesk Zendesk Support for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zendesk Support for WordPress: from n/a through 1.8.4.

  • CVE-2015-6921Sep 11, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab module 7.x-1.x before 7.x-1.1 for Drupal allows remote administrators with the "Configure Zendesk Feedback Tab" permission to inject arbitrary web script or HTML via unspecified vectors.