Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.2
HAPPY Help Desk System: Incorrect Access Control Lets Guests Access Admin Areas
CVE-2025-67977
Summary
A security issue in HAPPY Help Desk System allows guests to access areas they shouldn't be able to, such as admin areas. This is because the system doesn't properly control who can access what. To fix this, update to a version of HAPPY that is not vulnerable, or reconfigure access controls to ensure only authorized users can access sensitive areas.
Original title
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n...
Original description
Missing Authorization vulnerability in VillaTheme HAPPY happy-helpdesk-support-ticket-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HAPPY: from n/a through <= 1.0.8.
nvd CVSS3.1
8.2
Vulnerability type
CWE-862
Missing Authorization
Published: 20 Feb 2026 · Updated: 11 Mar 2026 · First seen: 6 Mar 2026