415 matches found
Cross site scripting
SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR 67241...
Design/Logic Flaw
SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR 67258...
Design/Logic Flaw
SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR 67262...
CVE-2022-40325
SysAid Help Desk before 22.1.65 allows XSS via the Asset Dashboard, aka FR 67262...
CVE-2022-40325
Summary: CVE-2022-40325 affects SysAid Help Desk
CVE-2022-40324
SysAid Help Desk before 22.1.65 allows XSS via the Linked SRs field, aka FR 67258...
CVE-2022-40324
SysAid Help Desk vulnerability CVE-2022-40324 is a reflected/Stored XSS in the Linked SRs field present in all builds prior to 22.1.65. The underlying issue is a lack of proper input sanitization in the Linked SRs field, enabling an attacker to inject malicious payloads that could be processed by...
CVE-2022-40323
The provided documents indicate CVE-2022-40323 affects SysAid Help Desk prior to version 22.1.65, specifically in the Password Services module. The vulnerability is an XSS flaw arising from input handling within that module. Impact details are limited to the XSS risk stated; no further exploit in...
CVE-2022-40323
SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR 67241...
CVE-2022-40322
CVE-2022-40322 affects SysAid Help Desk before 22.1.65 and is described as allowing an XSS vulnerability. The connected documents confirm the issue as an XSS flaw in SysAid Help Desk prior to version 22.1.65; no exploitation details are provided in these sources. The recommended remediation from ...
CVE-2022-40322
SysAid Help Desk before 22.1.65 allows XSS, aka FR 66542 and 65579...
PT-2022-25348 · Sysaid · Sysaid Help Desk
Name of the Vulnerable Software and Affected Versions: SysAid Help Desk versions prior to 22.1.65 Description: The issue allows for XSS in the Password Services module. Recommendations: For versions prior to 22.1.65, update to version 22.1.65 or later to resolve the issue...
Sysaid Technologies SysAid 跨站脚本漏洞
Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel. A security vulnerability exists in Sysaid Technologies SysAid Help Desk versions prior to 22.1.65. No information about this vulnerability is available at this time, so please stay tuned to...
Sysaid Technologies SysAid 跨站脚本漏洞
Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel. A security vulnerability exists in Sysaid Technologies SysAid Help Desk versions prior to 22.1.65. No information about this vulnerability is available at this time, so please stay tuned to...
Sysaid Technologies SysAid 跨站脚本漏洞
Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel. A security vulnerability exists in Sysaid Technologies SysAid Help Desk versions prior to 22.1.65. No information about this vulnerability is available at this time, so please stay tuned to...
PT-2022-25347 · Sysaid · Sysaid Help Desk
Name of the Vulnerable Software and Affected Versions: SysAid Help Desk versions prior to 22.1.65 Description: The issue allows for XSS. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was...
PT-2022-25349 · Sysaid · Sysaid Help Desk
Name of the Vulnerable Software and Affected Versions: SysAid Help Desk versions prior to 22.1.65 Description: The issue allows for XSS via the Linked SRs field. Recommendations: For versions prior to 22.1.65, update to version 22.1.65 or later to resolve the issue. As a temporary workaround,...
Sysaid Technologies SysAid 跨站脚本漏洞
Sysaid Technologies SysAid is a suite of IT service management solutions from Sysaid Technologies, Israel.Desk is a writing, blogging and note-taking application for individual developers. A security vulnerability exists in Sysaid Technologies SysAid Help Desk versions prior to 22.1.65. No...
PT-2022-25350 · Sysaid · Sysaid Help Desk
Name of the Vulnerable Software and Affected Versions: SysAid Help Desk versions prior to 22.1.65 Description: The issue allows for XSS via the Asset Dashboard. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
MuddyWater targets Israeli organizations by exploiting unpatched log4j vulnerabilities
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MuddyWater, an Iranian threat actor, exploits Log4j two vulnerabilities in SysAid applications to target Israeli organizations. As soon as the attacker gains access to the targeted organization, it...