Vulnerabilities > Ladybirdweb > Faveo Helpdesk > 1.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-24 | CVE-2023-1724 | Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. | 5.4 |
| 2023-03-24 | CVE-2023-25350 | SQL Injection vulnerability in Ladybirdweb Faveo Helpdesk Faveo Helpdesk 1.0-1.11.1 is vulnerable to SQL Injection. | 8.8 |