Cross site scripting

2013-12-2100:55:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

Cross-site scripting (XSS) vulnerability in Tenmiles Helpdesk Pilot allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI for a ticket.

CPENameOperatorVersion
helpdesk_piloteq5.0

CPE	Name	Operator	Version
	helpdesk_pilot	eq	5.0

References

makthepla.net/blog/=/helpdesk-pilot-add-admin

secunia.com/advisories/55797

exchange.xforce.ibmcloud.com/vulnerabilities/89510