Lucene search
K

44 matches found

Positive Technologies
Positive Technologies
added 2025/08/26 12:0 a.m.4 views

PT-2025-34794 · Helpy.Io · Helpy.Io

Name of the Vulnerable Software and Affected Versions: Helpy.io version 2.8.0 Description: A Cross Site Scripting issue exists in Helpy.io version 2.8.0. This allows a remote attacker to escalate privileges through the New Topic Ticket function. Recommendations: Update to a newer version that...

6.1CVSS7.1AI score0.00322EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/26 12:0 a.m.8 views

CVE-2025-52184

Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion...

0.00322EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/08/26 12:0 a.m.3 views

CVE-2025-52184

Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion...

7AI score0.00322EPSS
Exploits1References2
CVE
CVE
added 2025/08/26 12:0 a.m.26 views

CVE-2025-52184

CVE-2025-52184 affects Helpy.io version 2.8.0 and involves a Cross Site Scripting flaw in the New Topic Ticket feature that can allow an attacker to escalate privileges. The CVSS data indicates a Network attack vector, low attack complexity, no privileges required, but user interaction is require...

6.1CVSS6.5AI score0.00322EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 2:52 a.m.6 views

CVE-2023-0357

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...

6.1CVSS6AI score0.00687EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:44 a.m.5 views

CVE-2018-20851

Helpy before 2.2.0 allows agents to edit admins...

8.8CVSS6.9AI score0.01533EPSS
Exploits0References1
NVD
NVD
added 2023/04/04 11:15 p.m.24 views

CVE-2023-0357

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...

6.1CVSS6.1AI score0.00687EPSS
Exploits1References2
Prion
Prion
added 2023/04/04 11:15 p.m.19 views

Code injection

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...

5.8CVSS6AI score0.00687EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/04/04 12:0 a.m.60 views

CVE-2023-0357

CVE-2023-0357 concerns Helpy 2.8.0, where an unauthenticated remote attacker can exploit a stored XSS vulnerability by abusing how attachments to tickets are validated. The issue is caused by improper validation of customer attachments, enabling injection of script content that persists in the ap...

6.1CVSS6AI score0.00687EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/04 12:0 a.m.8 views

CVE-2023-0357

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...

6.2AI score0.00687EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/04 12:0 a.m.26 views

CVE-2023-0357

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...

6.1AI score0.00687EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/04/04 12:0 a.m.6 views

PT-2023-16209 · Helpy · Helpy

Name of the Vulnerable Software and Affected Versions: Helpy version 2.8.0 Description: The issue allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not correctly validate the attachments sent by customers in the...

6.1CVSS6.1AI score0.00687EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/04 12:0 a.m.4 views

Helpy 跨站脚本漏洞

Helpy is an open source customer support application. The program includes features such as a knowledge base, community discussions, and email. A security vulnerability exists in Helpy version 2.8.0, which stems from the application not properly validating attachments sent by customers in work...

6.1CVSS6AI score0.00687EPSS
Exploits1References3
NVD
NVD
added 2019/07/10 2:15 p.m.13 views

CVE-2018-20851

Helpy before 2.2.0 allows agents to edit admins...

8.8CVSS8.7AI score0.01533EPSS
Exploits0References2
OSV
OSV
added 2019/07/10 2:15 p.m.9 views

CVE-2018-20851

Helpy before 2.2.0 allows agents to edit admins...

8.8CVSS6.8AI score
Exploits0References2
Prion
Prion
added 2019/07/10 2:15 p.m.16 views

Code injection

Helpy before 2.2.0 allows agents to edit admins...

6.5CVSS8.6AI score0.01533EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/07/10 1:38 p.m.40 views

CVE-2018-20851

Helpy before 2.2.0 is affected by CVE-2018-20851, with the vulnerability described as: agents can edit admins. The connected sources corroborate the product and vulnerable state, and the CVSS scores indicate high impact (8.8 in CVSS v3.0). The underlying root cause and a remediation are not detai...

8.8CVSS8.6AI score0.01533EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/07/10 1:38 p.m.20 views

CVE-2018-20851

Helpy before 2.2.0 allows agents to edit admins...

8.7AI score0.01533EPSS
Exploits0References2
CNVD
CNVD
added 2019/06/19 12:0 a.m.3 views

Helpy Cross-Site Scripting Vulnerability

Helpy is an open source customer support application. The program includes features such as a knowledge base, community discussions and email. A cross-site scripting vulnerability exists in Helpy version 2.1.0. The vulnerability stems from the WEB application lacking proper validation of...

6.1CVSS6.4AI score0.00878EPSS
Exploits0References1
NVD
NVD
added 2019/06/18 2:15 p.m.16 views

CVE-2018-18886

Helpy v2.1.0 has Stored XSS via the Ticket title...

6.1CVSS6AI score0.00878EPSS
Exploits0References2
Rows per page
Query Builder