Dr.Hail

Name of the Vulnerable Software and Affected Versions: Kayako SupportSuite version 3.00.32 Description: A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the query string in the index.php file. Recommendations: For Kayako SupportSuite version 3.00.32, update to a newer version that contains a fix for this issue to prevent remote attackers from injecting arbitrary web script or HTML via the query string.