2 matches found
CVE-2022-45179
An issue was discovered in LIVEBOX Collaboration vDesk through v031. A basic XSS vulnerability exists under the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter and /dashboard/reminders. A remote user authenticated to the product can store arbitrary HTML code in the...
CVE-2022-45179
LIVEBOX Collaboration vDesk (through v031) has a basic XSS vulnerability in the /api/v1/vdeskintegration/todo/createorupdate endpoint via the title parameter, and in /dashboard/reminders. A remote authenticated user can inject arbitrary HTML into the reminder title, potentially corrupting the pag...