Stored XSS Vulnerability in Faveo Helpdesk Enterprise version 6.0.1 Allows Privilege Escalation

Stored XSS Vulnerability in Faveo Helpdesk Enterprise version 6.0.1 Allows Privilege Escalation

CVE-2023-1724 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

Learn more about our Web Application Penetration Testing UK.