Nasty SQL Injection Bug in Zendesk Endangers Sensitive Customer Data

15 November 2022

Multiple security vulnerabilities in Zendesk’s Web-based customer relationship management (CRM) platform could have allowed attackers to access sensitive information from potentially any customer account — a discovery that showcases application programming interface (API) endpoint weaknesses in enterprise software-as-a-solution (SaaS) applications. Researchers from Varonis Threat Labs discovered the issues — specifically an SQL injection vulnerability and a logical access flaw — in Zendesk Explore, a component of Zendesk’s platform, they said in a blog post published Nov.

Read full article on Dark Reading: Cloud

Date:

15 November 2022

Categorie(s):

NEWS

Tag(s):

Bug, Cloud, Customer Data, SQL Injection, Zendesk

Navigating the API Security Landscape: A CEO’s Perspective on Embedding Zero Trust Principles4 May 2024
Lightsail VPN Review: Is Lightsail VPN Safe? [+Best Alternatives]4 May 2024
How Do I Know What New Casinos In New Zealand I Can Trust?4 May 2024
How To Secure Your Business In The Times Of All-pervasive Hackers4 May 2024
Things To Look Out For When Making Payments Online4 May 2024