CVE-2022-31398
CVE-2022-31398 is a cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2, specifically involving /staff/tools/custom-fields. The root cause is a lack of parameter filtering/escaping in the email name field, enabling an attacker to inject arbitrary web scripts or HTML. Impact is limited to...