43 matches found
CVE-2026-40229
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescaped in public forum threads where they participate, in the admin ticket view, and in HTML...
CVE-2026-40230
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc.This issue affects helpy: 2.8.0...
CVE-2026-40230
CVE-2026-40230 (Helpy 2.8.0) : A stored cross-site scripting vulnerability exists in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc. This is tied to Helpy ve...
CVE-2026-40230 Helpy 2.8.0 - Stored XSS in knowledgebase Doc body rendering
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc.This issue affects helpy: 2.8.0...
EUVD-2026-26245
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc.This issue affects helpy: 2.8.0...
CVE-2026-40230
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker with admin or agent editor privileges can persist arbitrary HTML or JavaScript in the body field of a knowledge base Doc.This issue affects helpy: 2.8.0...
CVE-2026-40229 Helpy 2.8.0 - Stored XSS in post author display via PostsHelper
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescaped in public forum threads where they participate, in the admin ticket view, and in HTML...
CVE-2026-40229
Helpy (version 2.8.0) has a Stored Cross-Site Scripting (XSS) in the post author display logic (PostsHelper). An authenticated user can persist arbitrary HTML in their account name, which is rendered unescaped in public forum threads, the admin ticket view, and HTML notification emails sent to ot...
EUVD-2026-26244
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescaped in public forum threads where they participate, in the admin ticket view, and in HTML...
CVE-2026-40229
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescaped in public forum threads where they participate, in the admin ticket view, and in HTML...
CVE-2026-40229 Helpy 2.8.0 - Stored XSS in post author display via PostsHelper
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbitrary HTML in their account name field and cause it to be rendered unescaped in public forum threads where they participate, in the admin ticket view, and in HTML...
PT-2026-35950
Name of the Vulnerable Software and Affected Versions Helpy version 2.8.0 Description A stored cross-site scripting issue exists in the post author display logic. A registered user can persist arbitrary HTML in the account name field, which is then rendered unescaped in public forum threads, the...
Helpy 跨站脚本漏洞
Helpy is an open-source customer support application developed by the American company Helpy. This program includes features such as a knowledge base, community discussions, and email support. Version 2.8.0 of Helpy contains a cross-site scripting vulnerability, which stems from the storage-based...
CVE-2018-18886
Helpy v2.1.0 has Stored XSS via the Ticket title...
EUVD-2018-10597
Malware in sbrugna...
EUVD-2018-13391
Malware in sbrugna...
EUVD-2025-25813
Malicious code in bioql PyPI...
EUVD-2023-12418
Malicious code in bioql PyPI...
CVE-2025-52184
Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket funtion...
CVE-2025-52184
CVE-2025-52184 affects Helpy.io version 2.8.0 and involves a Cross Site Scripting flaw in the New Topic Ticket feature that can allow an attacker to escalate privileges. The CVSS data indicates a Network attack vector, low attack complexity, no privileges required, but user interaction is require...