CVE-2023-1724 Information

Description

Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. This occurs because the application is vulnerable to stored XSS.

Reference

https://github.com/ladybirdweb/faveo-helpdesk/ https://fluidattacks.com/advisories/towers/