Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-31398

Disclosure Date: June 13, 2022 (last updated October 07, 2023)
A cross-site scripting (XSS) vulnerability in /staff/tools/custom-fields of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0