Ridiculous Zendesk Vulnerability Causes Chaos
Open with LBRYEmail is bad, that's why we have systems to ensure that email spoofing can't be done, but what about when those systems fail. Well Zendesk is a prime example of that and it leads to fun cases of exfiltrating support data with a basic process of CCing yourself.
==========Support The Channel==========
► Patreon: https://brodierobertson.xyz/patreon
► Paypal: https://brodierobertson.xyz/paypal
► Liberapay: https://brodierobertson.xyz/liberapay
► Amazon USA: https://brodierobertson.xyz/amazonusa
==========Resources==========
Blog Post: https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
Zendesk Response: https://support.zendesk.com/hc/en-us/articles/8187090244506-Email-user-verification-bug-bounty-report-retrospective
=========Video Platforms==========
🎥 Odysee: https://brodierobertson.xyz/odysee
🎥 Podcast: https://techovertea.xyz/youtube
🎮 Gaming: https://brodierobertson.xyz/gaming
==========Social Media==========
🎤 Discord: https://brodierobertson.xyz/discord
🐦 Twitter: https://brodierobertson.xyz/twitter
🌐 Mastodon: https://brodierobertson.xyz/mastodon
🖥️ GitHub: https://brodierobertson.xyz/github
==========Credits==========
🎨 Channel Art:
Profile Picture:
https://www.instagram.com/supercozman_draws/
#Linux #OpenSource #Zendesk #Slack
🎵 Ending music
Track: Debris & Jonth - Game Time [NCS Release]
Music provided by NoCopyrightSounds.
Watch: https://www.youtube.com/watch?v=yDTvvOTie0w
Free Download / Stream: http://ncs.io/GameTime
DISCLOSURE: Wherever possible I use referral links, which means if you click one of the links in this video or description and make a purchase I may receive a small commission or other compensation.
...
https://www.youtube.com/watch?v=qwRVYD50pK0