SQL injection vulnerability in staff/index.php in Kayako SupportSuite 3.20.02 and previous versions allows remote authenticated users to execute arbitrary SQL commands via the customfieldlinkid parameter in a delcflink action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kayako supportsuite 3.10.00 |
||
kayako supportsuite 3.11.01 |
||
kayako supportsuite |
||
kayako supportsuite 3.10.02 |
||
kayako supportsuite 3.11.00 |