Security Issue on Freshdesk App

We’ve submitted our app on the marketplace. Then we got notified of a bug from the QA department of Freshworks that was related to the security of the app. Freshworks have their own add-on for firefox that breaks the app security and shows all secure data like password, license key, etc.

As of now, we are confused that how to fix that issue. Is there any way to fix this issue?

2 Likes

Hi @owais.raza,

The custom Firefox add-on that our QA team uses captures any secret credentials and information sent in the HTTP connection as plain text.
Please find what are the secret information reported that are sent in plain text over a HTTP connection and try to use Secure installation where possible and encrypt the texts to hide them in the browser developer tools and to avoid any middleman attack.

If you have any specific query on the reported security issues, please discuss with the QA team in the Freshrelease ticket.

1 Like