Hesk Admin.PHP Authentication Bypass Vulnerability

Hesk Admin.PHP Authentication Bypass Vulnerability

Hesk is prone to an authentication bypass vulnerability.

The application does not properly validate username and password pairs, and subsequently allows administrative access without a password.

This can lead to unauthorized access of sensitive data, modification of helpdesk data and program code, and other types of attacks.