What the vulnerability does
01Description
Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
What the vulnerability does
Unauthenticated Broken Access Control in JS Help Desk <= 3.0.9 versions.
Explanation of Vulnerability in Simple Terms
JS Help Desk through version 3.0.9 fails to properly check user permissions before allowing certain actions. An attacker without authentication can modify data or disrupt service availability. No confidentiality impact is present. Update to a version newer than 3.0.9.
What an attacker can do
Modify data or disrupt service without logging in.
Potential impact on your site
Unauthorized users can alter help desk data or cause service disruptions without credentials.
Conditions required to exploit
Network access to the application; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities