A critical zero-click vulnerability in Zendesk’s Android SDK has been uncovered, enabling attackers to hijack support accounts and harvest every ticket without any user interaction. Discovered during a private bug bounty program, the flaw stems from weak token generation and storage mechanisms within Zendesk’s mobile application. Vulnerability Overview Zendesk’s Android client generates authentication tokens by […]

The post 0-Click Zendesk Flaw Lets Hackers Hijack Accounts and View All Tickets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/0-click-zendesk-flaw/