Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.
CVE-2023-26982 Vulnerability Explanation: Trudesk v126 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function Attack Vectors: The attacker must create some ticket and then edit tags in the ticket and insert the XSS payload at the Add Tags input, Create Tag in order to exploit the stored XSS The