We are excited to share, that we've reached GA for Web Help Deskv12.5.2
This service release includes:
This release prevents malicious code from redirecting a hyperlink in the Web Help Desk user interface to an unauthorized third-party website or resource.
Secure password reset logic
After you click Forgot Password on the Log In screen, Web Help Desk verifies your current email address and redirects you back to the application using a secure connection to reset your password.
Improved LDAP security
Web Help Desk now prevents unauthorized LDAP client account users from logging in to an LDAP tech account with an identical user name. In v12.5.1 and earlier, WHD had 2 ways to handle LDAP authentication. One for techs and one for clients. After you install this release, the tech LDAP authentication functionality is removed, and every tech, who used this functionality will have his WHD password reset, and will also receive an email with steps to log in to WHD.
Before you install this upgrade, ensure that all techs have client accounts (authenticated through LDAP) linked to their tech accounts. Also ensure, that the tech username is not the same as any of the client's usernames. After the upgrade, all techs must access their tech account through their client account, or using the WHD tech username and WHD password (which can be reset using the secure password reset logic).
Updated Apache Tomcat
This release supports Apache Tomcat 7.0.82 for improved security. See the Apache Tomcat website for details.
Notabe fixed issues
Tickets linked to a survey now close properly after you change the status to Resolved.
The Office 365 connector now supports subfolders.
Tickets restricted to a location group can no longer be accessed by users in another location group.
We encourage all customers to upgrade to this latest release which is available within your customer portal.