Web Help Desk Security Vulnerabilities and Issues — Web Help Desk CVE List

Lucene search

SolarwindsWeb Help Desk

6 matches found

CVE•added 2021/01/04 8:15 a.m.•193 views

CVE-2019-16956

SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket.

5.4CVSS5.3AI score0.01934EPSS

CVE•added 2021/01/04 8:15 a.m.•67 views

CVE-2019-16960

SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field.

5.4CVSS5.1AI score0.01934EPSS

CVE•added 2021/08/26 3:15 p.m.•59 views

CVE-2021-32076

Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the 'Web Help Desk Getting Started Wizard', especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP ...

5.3CVSS5.2AI score0.00478EPSS

CVE•added 2021/12/23 8:15 p.m.•59 views

CVE-2021-35243

The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the o...

7.5CVSS6.5AI score0.00462EPSS

CVE•added 2021/01/15 2:15 p.m.•46 views

CVE-2019-16961

SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name.

5.4CVSS5.2AI score0.02185EPSS

CVE•added 2021/01/06 5:15 p.m.•29 views

CVE-2019-16954

SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.

5.4CVSS5.6AI score0.01433EPSS