17 Aug 2008, 7:54pm
Uncategorized: Cross Site Scripting Helpdesk Security Kayako SupportSuite malicious scripts SQL injection
by admin
leave a comment
Uncategorized: Cross Site Scripting Helpdesk Security Kayako SupportSuite malicious scripts SQL injection
by admin
leave a comment
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Dec | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | 31 | ||||
Archives
Blogroll
Kayako SupportSuite <= 3.20.02 Multiple Vulnerabilities
James Bercegay of the GulfTech Security Research Team recently found Multiple Vulnerabilities with Kayako SupportSuite <= 3.20.02
Description:
Kayako SupportSuite is a very popular online eSupport application that consists of several well known Kayako products such as Kayako LiveResponse and Kayako eSupport. Unfortunately there are several security issues in Kayako SupportSuite that may allow for an attacker to gain access to a staff account and then escalate their privileges to administrator. These issues include Cross Site Scripting, Script Injection, and SQL Injection. All of these issues are resolved in Kayako SupportSuite 3.30 and users should upgrade as soon as possible.
For Solution and Detail Report click here