MidnightBSD

Advisories for mirasvit

CVE-2017-14320 MEDIUM

Mirasvit Helpdesk MX before 1.5.3 might allow remote attackers to execute arbitrary code by leveraging failure to filter uploaded files.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
mirasvit helpdesk_mx *
CVE-2017-14321 LOW

Multiple cross-site scripting (XSS) vulnerabilities in the administrative interface in Mirasvit Helpdesk MX before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) customer name or (2) subject in a ticket.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mirasvit helpdesk_mx *