Helpdeskz: >> Helpdeskz >> 2.0.1 Security Vulnerabilities
A stored cross site scripting (XSS) vulnerability in HelpDeskZ < v2.0.2 allows remote attackers to execute arbitrary JavaScript in the administration panel by including a malicious payload into the file name and upload file function when creating a new ticket.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-02-26
A Cross-Site Scripting (XSS) vulnerability has been found in HelpDeskZ affecting version 2.0.2 and earlier. This vulnerability could allow an attacker to send a specially crafted JavaScript payload within the email field and partially take control of an authenticated user's browser session.
CVSS Score
4.6
EPSS Score
0.001
Published
2024-03-01