PT-2026-21238 · Joomsky · Joomsky Js Help Desk
Bonds
·
Publicado
2026-02-20
·
Atualizado
2026-02-21
·
CVE-2026-24959
CVSS v3.1
8.5
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
JoomSky JS Help Desk versions through 3.0.1
Description
A flaw exists in JoomSky JS Help Desk js-support-ticket that allows for Blind SQL Injection due to improper neutralization of special elements used in an SQL command. This issue could potentially allow an attacker to extract data from the database.
Recommendations
Update JoomSky JS Help Desk to a version later than 3.0.1.
Correção
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Joomsky Js Help Desk