exploitDog

GHSA-99wv-4fxc-p8gj

Опубликовано: 03 фев. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 6.4

Описание

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded by other users.

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded by other users.

Ссылки

EPSS

Процентиль: 8%

0.0003

Низкий

5.1 Medium

CVSS4

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2019-25263

CVSS3: 6.4

nvd

4 дня назад

Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded by other users.

EPSS

Процентиль: 8%

0.0003

Низкий

5.1 Medium

CVSS4

6.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79