CVE-2022-47151

Name of the Vulnerable Software and Affected Versions JS Help Desk – Best Help Desk & Support Plugin versions through 2.7.1

Description The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as a SQL Injection vulnerability. This allows for potential exploitation by injecting malicious SQL code.

Recommendations For versions through 2.7.1, update to a version later than 2.7.1 to resolve the issue. As a temporary workaround, consider restricting access to sensitive database operations until a patch is available. Avoid using user-supplied input in SQL commands without proper sanitization until the issue is resolved.