Description
Multiple persistent input validation vulnerabilities are detected in the Kayako Fusion v4.51.1891 Web Application. The vulnerability typus allows an attacker to inject own malicious script code in the vulnerable module on application side (persistent). The vulnerabilities can be exploited with a privileged application user account and low or medium required user interaction.
Remediation
Upgrade to the latest version of Kayako Fusion.
References
Related Vulnerabilities
Drupal Core 5.x Multiple Cross-Site Scripting Vulnerabilities (5.0 - 5.1)
WordPress Plugin WPS Limit Login Multiple Vulnerabilities (1.4.5)
WordPress Plugin Relevanssi-A Better Search Cross-Site Scripting (3.3.7.1)
WordPress 3.8.x Multiple Vulnerabilities (3.8 - 3.8.20)
WordPress Plugin Live Streaming/Broadcast Live Video Cross-Site Scripting (4.27.2)