CNNVD-202602-390 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-390
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Zendesk SweetHawk Survey是日本Zendesk公司的一个满意度调研插件。 Zendesk SweetHawk Survey 1.6版本存在跨站脚本漏洞,该漏洞源于支持票据提交中存在存储型跨站脚本问题,可能导致执行恶意脚本。
Description (English)
Zendesk Sweethawk Survey is a satisfaction research plugin for Zendesk Japan. Version 1.6 of Zendesk Sweethawk Survey has a cross-site script loophole, which stems from the problem of stored cross-site scripts in the submission of supporting instruments, which may lead to the execution of malicious scripts.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Zendesk
Published
2026-02-03
Last Modified
2026-02-24
References
https://sweethawk.co/zendesk/survey-app https://www.exploit-db.com/exploits/47781 https://www.vulncheck.com/advisories/zendesk-app-sweethawk-survey-persistent-cross-site-scripting https://www.zendesk.com/apps/support/survey/
Share on: