Uvdesk version 1.1.1 allows an unauthenticated remote malicious user to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uvdesk community-skeleton 1.1.1 |