Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2022-31400

Disclosure Date: June 13, 2022 (last updated October 07, 2023)
A cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-31398

Disclosure Date: June 13, 2022 (last updated October 07, 2023)
A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0