CVE-2026-23752 | GFI HelpDesk up to 4.99.8 Groups Page companyname cross site scripting

Inserito da Angelo Barbosa | Apr 20, 2026 | CVE

A vulnerability, which was classified as problematic, was found in GFI HelpDesk up to 4.99.8. Affected is an unknown function of the component Groups Page. Such manipulation of the argument companyname leads to cross site scripting.

This vulnerability is documented as CVE-2026-23752. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.

CVE-2026-23752 | GFI HelpDesk up to 4.99.8 Groups Page companyname cross site scripting

Post correlati

CVE-2025-13604 | CleanTalk Login Security, FireWall, Malware removal by CleanTalk Plugin cross site scripting

CVE-2025-60751 | GeographicLib 2.5 DMS::InternalDecode buffer overflow (Issue 43)

CVE-2025-67636 | Jenkins up to 2.540/LTS 2.528.2 permission

CVE-2024-13065 | Akinsoft MyRezzta up to 2.05.00 behavioral workflow