Multiple Cross-Site Scripting Vulnerabilities in Mirasvit Helpdesk MX by Mirasvit
CVE-2017-14321

5.4MEDIUM

Key Information:

Vendor: Mirasvit
Status: Helpdesk Mx
Vendor: CVE Published:; 21 September 2017

What is CVE-2017-14321?

The administrative interface of Mirasvit Helpdesk MX before version 1.5.3 is susceptible to multiple cross-site scripting vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web scripts or HTML, exploiting fields such as the customer name or the ticket subject. This can compromise the security of the application and the data of its users.

References

https://www.webshield.hu/vulnerabilities-found-webshield....

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 21, 2017
Vulnerability Reserved
Sep 12, 2017

CVE-2017-14321 Data

JSON