Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2020-13992
- EPSS 0.64%
- Veröffentlicht 09.07.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:02:18
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Stored XSS issue allows remote unauthenticated attackers to abuse a helpdesk user's logged in session. A user with sufficient privileges to change their login-page image must open a c...
7.5
CVE-2020-13993
- EPSS 0.57%
- Veröffentlicht 09.07.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:02:18
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A blind time-based SQL injection issue allows remote unauthenticated attackers to retrieve information from the database via a ticket.
8.8
CVE-2020-13994
- EPSS 4.58%
- Veröffentlicht 09.07.2020 15:15:12
- Zuletzt bearbeitet 21.11.2024 05:02:18
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-...
1