CVE-2022-31455

Name of the Vulnerable Software and Affected Versions Truedesk version 1.2.2

Description A cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box.

Recommendations For Truedesk version 1.2.2, consider disabling the chat box feature until a patch is available to prevent exploitation. Restrict access to the chat functionality to minimize the risk of arbitrary script execution. At the moment, there is no information about a newer version that contains a fix for this issue.