5 results (0.008 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR# 67262. SysAid Help Desk versiones anteriores a 22.1.65, permite un ataque de tipo XSS por medio del Asset Dashboard, también se conoce como FR# 67262 • https://documentation.sysaid.com/docs/22165-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR# 67258. SysAid Help Desk versiones anteriores a 22.1.65, permite un ataque de tipo XSS por medio del campo Linked SRs, también se conoce como FR# 67258 • https://documentation.sysaid.com/docs/22165-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241. SysAid Help Desk versiones anteriores a 22.1.65, permite un ataque de tipo XSS en el módulo Password Services, también se conoce como FR# 67241 • https://documentation.sysaid.com/docs/22165-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

SysAid Help Desk before 22.1.65 allows XSS, aka FR# 66542 and 65579. SysAid Help Desk versiones anteriores a 22.1.65, permite un ataque de tipo XSS, también se conoce como FR# 66542 y 65579 • https://documentation.sysaid.com/docs/22165-release-notes • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.8EPSS: 2%CPEs: 3EXPL: 2

Multiple cross-site scripting (XSS) vulnerabilities in (a) PMOS Help Desk 2.4, formerly (b) InverseFlow Help Desk 2.31 and also sold as (c) Ace Helpdesk 2.31, allow remote attackers to inject arbitrary web script or HTML via the (1) id or email parameter to ticketview.php, or (2) the email parameter to ticket.php. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en (a) PMOS Help Desk 2.4, antiguamente (b) InverseFlow Help Desk 2.31 y también vendido como (c) Ace Helpdesk 2.31, permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante los parámetros (1) email o id a ticketview.php, o el (2) parámetro email a ticket.php. • https://www.exploit-db.com/exploits/29166 https://www.exploit-db.com/exploits/29165 http://secunia.com/advisories/23052 http://secunia.com/advisories/23070 http://secunia.com/advisories/23071 http://securityreason.com/securityalert/1928 http://www.attrition.org/pipermail/vim/2006-November/001148.html http://www.osvdb.org/30667 http://www.osvdb.org/34034 http://www.securityfocus.com/archive/1/452397/100/0/threaded http://www.securityfocus.com/bid/21250 http://www. •