Описание
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.
We have already fixed the vulnerability in the following version: Helpdesk 3.3.1 and later
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.3.1 (исключая)
cpe:2.3:a:qnap:helpdesk:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00641
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 3.5
github
больше 1 года назад
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. We have already fixed the vulnerability in the following version: Helpdesk 3.3.1 and later
EPSS
Процентиль: 70%
0.00641
Низкий
3.5 Low
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-79