CVE-2019-25263

Name of the Vulnerable Software and Affected Versions Zendesk SweetHawk Survey version 1.6

Description A persistent cross-site scripting issue allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert payloads, such as script tags, into the ticket text which then execute automatically when other users load the survey pages.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.