Vulnerabilities > BMC > Service Desk Express > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-07-29 | CVE-2013-4946 | Cross-Site Scripting vulnerability in BMC Service Desk Express 10.2.1.95 Multiple cross-site scripting (XSS) vulnerabilities in BMC Service Desk Express (SDE) 10.2.1.95 allow remote attackers to inject arbitrary web script or HTML via the (1) SelTab parameter to QV_admin.aspx, the (2) CallBack parameter to QV_grid.aspx, or the (3) HelpPage parameter to commonhelp.aspx. | 4.3 |