Vulnerability Details CVE-2024-46226
A stored cross site scripting (XSS) vulnerability in HelpDeskZ < v2.0.2 allows remote attackers to execute arbitrary JavaScript in the administration panel by including a malicious payload into the file name and upload file function when creating a new ticket.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.9%
CVSS Severity
CVSS v3 Score 4.8