CVE-2017-14321

Name of the Vulnerable Software and Affected Versions Mirasvit Helpdesk MX versions prior to 1.5.3

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the administrative interface. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the customer name or subject in a ticket.

Recommendations For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting user input for the customer name and subject fields in tickets to minimize the risk of exploitation.