1 results (0.041 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket. Una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en UVDesk Community Skeleton v1.1.1 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado que se inyecta en el campo Mensaje al crear un ticket. • https://www.esecforte.com/cve-2023-37636-stored-cross-site-scripting • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •