2 matches found
CVE-2023-0325
Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket...
CVE-2023-0325
Uvdesk 1.1.1 contains a stored XSS vulnerability that can be exploited by an unauthenticated remote attacker. The issue arises because the application does not correctly validate messages submitted by clients in tickets, enabling arbitrary script execution in the victim’s browser. Multiple connec...