Kayako : Security Vulnerabilities, CVEs, Published In 2012
Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako Fusion before 4.40.985 allows remote attackers to inject arbitrary web script or HTML via certain vectors, possibly a crafted ticket description.
Max CVSS
4.3
EPSS Score
0.25%
Published
2012-09-06
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in __swift/thirdparty/PHPExcel/PHPExcel/Shared/JAMA/docs/download.php in Kayako Fusion 4.40.1148, and possibly before 4.50.1581, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
Max CVSS
4.3
EPSS Score
3.88%
Published
2012-09-15
Updated
2017-08-29
2 vulnerabilities found