exploitDog

GHSA-63xg-rcwm-472j

Опубликовано: 24 июн. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 7.3

Описание

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

Ссылки

EPSS

Процентиль: 18%

0.00057

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-1724

CVSS3: 7.3

nvd

больше 2 лет назад

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

EPSS

Процентиль: 18%

0.00057

Низкий

7.3 High

CVSS3

CVE ID

Дефекты

CWE-79