CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1261
https://notcve.org/view.php?id=CVE-2009-1261
07 Apr 2009 — Multiple cross-site scripting (XSS) vulnerabilities in Web Help Desk 9.1.22 (evaluation version) allow remote attackers to inject arbitrary web script or HTML via the (1) Report Name, (2) Asset No., and (3) Full Name fields in a Models action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Web Help Desk v9.1.22 (versión de evaluación) permite a atacantes remoto... • http://osvdb.org/53422 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 108EXPL: 0CVE-2009-0303
https://notcve.org/view.php?id=CVE-2009-0303
27 Jan 2009 — Cross-site scripting (XSS) vulnerability in Web Help Desk before 9.1.18 allows remote attackers to inject arbitrary web script or HTML via vectors related to "encoded JavaScript" and Helpdesk.woa. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Web Help Desk anterior a v9.1.18; permite a atacantes remotos inyectar secuencias de comandos Web o HTML mediante vectores relacionados con "JavaScript codificado" y Helpdesk.woa. • http://secunia.com/advisories/33651 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •