Lark Technologies: Stored xss on helpdesk using user's city

A stored XSS cross-site scripting was found on the internal larksuite helpdesk, which an attacker could have potentially used to obtain access to the internal helpdesk. We thank imrannisar for reporting this vulnerability and confirming its resolution...