Headline
CVE-2023-1724: GitHub - ladybirdweb/faveo-helpdesk: Faveo Open source ticketing system build on Laravel framework
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.
                 ______                      _    _      _           _           _    
                |  ____|                    | |  | |    | |         | |         | |   
                | |__ __ ___   _____  ___   | |__| | ___| |_ __   __| | ___  ___| | __
                |  __/ _` \ \ / / _ \/ _ \  |  __  |/ _ \ | '_ \ / _` |/ _ \/ __| |/ /
                | | | (_| |\ V /  __/ (_) | | |  | |  __/ | |_) | (_| |  __/\__ \   < 
                |_|  \__,_| \_/ \___|\___/  |_|  |_|\___|_| .__/ \__,_|\___||___/_|\_\
                                                          | |                         
                                                          |_|                         
Faveo Helpdesk provides Businesses with an automated Helpdesk system to manage customer support.
The word Faveo comes from Latin which means to be favourable. Which truly highlights vision and the scope as well as the functionality of the product that Faveo is. In today’s competitive startup scenario customer retention is one of the major challenges. Handling client query diligently is all the difference between retaining or losing a long lasting relationship. The company is driven with passion of providing tools for managing consumer queries for strategic insights and helping companies take those decisive decisions.
Faveo has been integrated with multiple platforms and new features being added each month.
Faveo can be customised according to requirement and we do undertake such request.
Flavors of Faveo
- Faveo Help Desk Community Edition – Free, Open source edition
- Faveo Help Desk Freelancer - Free version with features available in Faveo Enterprise Edition for two agents
- Faveo Help Desk Enterprise Edition – Paid version with many advance features and integrations
- Faveo Service Desk - Paid version for IT Assest management
View complete comparision list of all flavors of Faveo to select the most suitable solution for your business
Faveo Documentation
- Faveo user Manual
- Faveo API Documentation
- Faveo Event List
- Faveo Plugin creation guide
Requirements
To run Faveo your host just needs a couple of things:
- PHP Version: 8.1+
- Database: MySQL 8.0.x or MariaDB 10.6.x
- Web Server: Apache / IIS / Nginx
- PHP Extensions: Imap, Mbstring, Mcrypt, OpenSSL, PDO, Tokenizer, XML, Zip
- Web Server Extension: Pretty URLs or Search Engine Friendly URLs have to be enabled in your web server configuration
Faveo Web Hosting
Ladybird Web Host Offers hosting with minimum requirement to host Faveo web application. Faveo has been tested on Ladybird Web Host servers & works very well in their server environment. All web hosting packages offered by Ladybird Web Host come with 30 day money back gurantee.
Credits
- Laravel Framework
- Admin LTE Theme
Website
Visit our website for more information on services offered by us www.faveohelpdesk.com
YouTube Channel
Find demo, installation, configuration, tutorial videos on our channel here
Road Map for Community Edition
See what all features are going to be part of upcoming releases here
Faveo Probe
Helps verify whether your server can run Faveo or not. Download here
Faveo Community
Join Faveo discussion group and stay tuned to latest updates.
- Join us on LinkedIn
- Join us on Slack Support the community edition
If you are using our product and want to support us Click here
Language translate
Help us translate Faveo into your native language Click here
We are following Laravel localization module, you can create language file in your branch and send a pull request.
Contributing
Create your own fork of Faveo master repositoray and use git-flow to create a new feature. Once the feature is published in your fork, send a pull request to begin the conversation of integrating your new feature into Faveo. Please see the contributing guidelines before sending pull requests.
Error Reporting
Faveo uses Bugsnag to monitor application stability in production enviroment. It helps us to provide bug fixes and feature updates after analyzing the logs and crash reports for the application. If you are customizing the application under development environment, we request you to disable this error reporting. It will allow us to ignore the errors occurred during your development cycle and we can focus more on the exceptions/bugs occuring in live system of other users of Faveo community. It can be easily disabled from “Error logs and debugging” option in admin panel or by updating your app environment to development in .env.
You can still report the issues on our Github Issue page by providing proper information about the changes you are trying to implement. We assure you that Faveo community will help you and your customization can be a part of Faveo application if it follows our contributing guidelines.
Security Policy****Supported Versions
Check mark versions are supported with security patches.
Version
Supported
2.0.1
✅
2.0.0
❌
< 1.0
❌
Supported Updates
Security updates will be released once in a month. If it’s high priority, we will make it twice a month
Reporting a Vulnerability
Please report (suspected) security vulnerabilities to support@faveohelpdesk.com. You will receive a response from us within 48 hours. If the issue is confirmed, we will release a patch as soon as possible depending on complexity but historically within a few days.
Help
Visit the issue page. And if you’d like professional help commercial support is available, email us through the contact form.
Follow Us