The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets of arbitrary users via obtaining the target ticketId, and navigating to http://{target}/component/helpdeskpro/?view=ticket&id={ticketId}.
CPE | Name | Operator | Version |
---|---|---|---|
helpdesk_pro | le | 1.3.0 |