CVE-2021-40925
CVE-2021-40925 is an XSS vulnerability in dompdf/dompdf/www/demo.php used by infaveo-helpdesk v1.11.0 and earlier. The issue arises from reflecting the $_SERVER["PHP_SELF"] parameter, enabling remote attackers to inject arbitrary script/HTML. Affected component: demo.php in the dompdf/dompdf pack...