CVE-2024-46226
- EPSS 0.07%
- Veröffentlicht 26.02.2025 16:15:15
- Zuletzt bearbeitet 07.04.2025 18:52:11
A stored cross site scripting (XSS) vulnerability in HelpDeskZ < v2.0.2 allows remote attackers to execute arbitrary JavaScript in the administration panel by including a malicious payload into the file name and upload file function when creating a n...
CVE-2024-2078
- EPSS 0.08%
- Veröffentlicht 01.03.2024 12:15:49
- Zuletzt bearbeitet 04.03.2025 12:25:10
A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2 and earlier. This vulnerability could allow an attacker to send a specially crafted JavaScript payload within the email field and partially take control of...
CVE-2022-31398
- EPSS 0.32%
- Veröffentlicht 13.06.2022 13:15:13
- Zuletzt bearbeitet 21.11.2024 07:04:27
A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.
CVE-2022-31400
- EPSS 0.32%
- Veröffentlicht 13.06.2022 13:15:13
- Zuletzt bearbeitet 21.11.2024 07:04:27
A cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.