Описание
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.1 (включая)
cpe:2.3:a:ladybirdweb:faveo_helpdesk:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
7.3 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 7.3
github
больше 2 лет назад
Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.
EPSS
Процентиль: 18%
0.00057
Низкий
7.3 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79