cbcvebase.
CVE-2023-50839
published 2023-12-28

CVE-2023-50839: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support…

PriorityP264critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
2.04%
78.7th percentile
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.1.

Affected

2 ranges
VendorProductVersion rangeFixed in
rabilaljs_help_desk_ai-powered_support_ticketing_system<= 2.8.2
wiselyhubjs_help_desk<= 2.8.1

Detection & IOCsextracted from sources · hover to see the quote

url/js-support-ticket-controlpanel/
commandform_request=jssupportticket&jstmod=ticket&task=showticketstatus&[email protected]&ticketid=1'+AND+(SELECT+1+FROM+(SELECT+SLEEP(8))x)--+-
  • Exploit targets the `ticketid` POST parameter with a time-based blind SQL injection payload using SLEEP(8); detect POST requests to /js-support-ticket-controlpanel/ with SQL keywords (SELECT, SLEEP, AND) in the body.
  • Successful exploitation results in an HTTP 302 redirect with an empty body and Content-Type text/html; a response duration >= 8 seconds indicates the SLEEP payload fired.
  • The request uses Content-Type application/x-www-form-urlencoded and includes the fixed form fields form_request=jssupportticket, jstmod=ticket, task=showticketstatus; monitor for these in POST bodies to the plugin endpoint.
  • ·Vulnerability affects JS Help Desk plugin versions up to and including 2.8.1; versions beyond this range are not confirmed affected.
  • ·The PoC uses a time-based blind SQLi with an 8-second sleep threshold; adjust detection thresholds accordingly to avoid false positives from slow networks.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.