Zoho Desk — Vulnerability Disclosure

Atumcell-discovered weakness in Zoho's Desk help-desk product, disclosed to the vendor and reported alongside the MoveIt Transfer finding.

Atumcell research surfaced a security weakness in Zoho's Desk product — a widely deployed help-desk and customer-support platform. Disclosure was coordinated with Zoho, and the finding was covered in the trade press alongside the related MoveIt Transfer disclosure.

Affected: Zoho (Zoho Desk) · Severity: High

Disclosed and published. Full archive entry — link in first comment.

#VulnerabilityDisclosure #InfoSec #Disclosure #Vulnerability #Saas

Tip: Paste into LinkedIn's compose box. Open compose with this URL pre-filled (LinkedIn pulls the OG card automatically).

Full research archive entry: https://matthewcarr.com/research/zoho-desk-disclosure?utm_source=linkedin&utm_medium=social&utm_campaign=share

Why first-comment-link: LinkedIn's algorithm penalises external links in main posts. Putting the link in the first comment consistently produces 2-3x higher reach than in-post links.

Vulnerability disclosure: Zoho Desk — Vulnerability Disclosure
Atumcell-discovered weakness in Zoho's Desk help-desk product, disclosed to the vendor and reported alongside the MoveIt Transfer finding.
Atumcell research surfaced a security weakness in Zoho's Desk product — a widely deployed help-desk and customer-support platform. Disclosure was coordinated with Zoho, and the finding was covered in the trade press alongside the related MoveIt Transfer disclosure.
Affected: Zoho (Zoho Desk) · Severity: High
Full entry: https://matthewcarr.com/research/zoho-desk-disclosure

For when you want to forward to a specific contact (CISO, board-chair friend, journalist) with a personal note.

LinkedIn, Slack, iMessage, Bluesky, and Mastodon will all pull this image automatically when they see the URL. No manual upload needed.