Show filters
4 Total Results
Displaying 1-4 of 4
Sort by:
Attacker Value
Unknown

CVE-2025-22512

Disclosure Date: January 07, 2025 (last updated January 08, 2025)
Missing Authorization vulnerability in Sprout Apps Help Scout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Help Scout: from n/a through 6.5.1.
0
0
Attacker Value
Unknown

CVE-2024-51828

Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniel J Griffiths Beacon For Help Scout allows DOM-Based XSS.This issue affects Beacon For Help Scout: from n/a through 1.3.0.
0
0
Attacker Value
Unknown

CVE-2024-51778

Disclosure Date: November 09, 2024 (last updated November 09, 2024)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Starfish Reviews Satisfaction Reports from Help Scout allows Reflected XSS.This issue affects Satisfaction Reports from Help Scout: from n/a through 2.0.3.
0
0
Attacker Value
Unknown

CVE-2021-24212

Disclosure Date: April 05, 2021 (last updated February 22, 2025)
The WooCommerce Help Scout WordPress plugin before 2.9.1 (https://woocommerce.com/products/woocommerce-help-scout/) allows unauthenticated users to upload any files to the site which by default will end up in wp-content/uploads/hstmp.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0