44 matches found
PT-2025-34794 · Helpy.Io · Helpy.Io
Name of the Vulnerable Software and Affected Versions: Helpy.io version 2.8.0 Description: A Cross Site Scripting issue exists in Helpy.io version 2.8.0. This allows a remote attacker to escalate privileges through the New Topic Ticket function. Recommendations: Update to a newer version that...
CVE-2025-52184
Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion...
CVE-2025-52184
Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion...
CVE-2025-52184
CVE-2025-52184 affects Helpy.io version 2.8.0 and involves a Cross Site Scripting flaw in the New Topic Ticket feature that can allow an attacker to escalate privileges. The CVSS data indicates a Network attack vector, low attack complexity, no privileges required, but user interaction is require...
CVE-2023-0357
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...
CVE-2018-20851
Helpy before 2.2.0 allows agents to edit admins...
CVE-2023-0357
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...
Code injection
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...
CVE-2023-0357
CVE-2023-0357 concerns Helpy 2.8.0, where an unauthenticated remote attacker can exploit a stored XSS vulnerability by abusing how attachments to tickets are validated. The issue is caused by improper validation of customer attachments, enabling injection of script content that persists in the ap...
CVE-2023-0357
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...
CVE-2023-0357
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket...
PT-2023-16209 · Helpy · Helpy
Name of the Vulnerable Software and Affected Versions: Helpy version 2.8.0 Description: The issue allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not correctly validate the attachments sent by customers in the...
Helpy 跨站脚本漏洞
Helpy is an open source customer support application. The program includes features such as a knowledge base, community discussions, and email. A security vulnerability exists in Helpy version 2.8.0, which stems from the application not properly validating attachments sent by customers in work...
CVE-2018-20851
Helpy before 2.2.0 allows agents to edit admins...
CVE-2018-20851
Helpy before 2.2.0 allows agents to edit admins...
Code injection
Helpy before 2.2.0 allows agents to edit admins...
CVE-2018-20851
Helpy before 2.2.0 is affected by CVE-2018-20851, with the vulnerability described as: agents can edit admins. The connected sources corroborate the product and vulnerable state, and the CVSS scores indicate high impact (8.8 in CVSS v3.0). The underlying root cause and a remediation are not detai...
CVE-2018-20851
Helpy before 2.2.0 allows agents to edit admins...
Helpy Cross-Site Scripting Vulnerability
Helpy is an open source customer support application. The program includes features such as a knowledge base, community discussions and email. A cross-site scripting vulnerability exists in Helpy version 2.1.0. The vulnerability stems from the WEB application lacking proper validation of...
CVE-2018-18886
Helpy v2.1.0 has Stored XSS via the Ticket title...