Undergoing Analysis
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary.
An issue was discovered in Deskpro before 2019.8.0. The /api/people endpoint failed to properly validate a user’s privilege, allowing an attacker to retrieve sensitive information about all users registered on the system. This includes their full name, privilege, email address, phone number, etc.