Vulnerabilities > Ladybirdweb > Faveo Helpdesk > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-01 | CVE-2024-51377 | Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk 9.2.0 An issue in Ladybird Web Solution Faveo Helpdesk & Servicedesk (On-Premise and Cloud) 9.2.0 allows a remote attacker to execute arbitrary code via the Subject and Identifier fields | 5.4 |
| 2023-06-24 | CVE-2023-1724 | Cross-site Scripting vulnerability in Ladybirdweb Faveo Helpdesk Faveo Helpdesk Enterprise version 6.0.1 allows an attacker with agent permissions to perform privilege escalation on the application. | 5.4 |