cbcvebase.
CVE-2002-0931
published 2002-10-04

CVE-2002-0931: Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1)…

PriorityP427high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
3.07%
86.0th percentile
Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited.

Affected

1 ranges
VendorProductVersion rangeFixed in
luis_bernardomyhelpdesk<= 2002-05-09
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.