All 5 CVE vulnerabilities found in SupportCandy – Helpdesk & Support Ticket System, with AI-generated Chinese analysis, references, and POCs.
Vendor: Unknown
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-24880 | SupportCandy < 2.2.7 - Contributor+ Stored Cross-Site Scripting CWE-79 | 5.4 | - | 2022-02-07 |
| CVE-2021-24879 | SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting CWE-352 | 7.3 | - | 2022-02-07 |
| CVE-2021-24843 | SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF CWE-352 | 6.5 | - | 2022-02-07 |
| CVE-2021-24878 | SupportCandy < 2.2.7 - Reflected Cross-Site Scripting CWE-79 | 6.1 | - | 2022-02-07 |
| CVE-2021-24839 | SupportCandy < 2.2.5 - Unauthenticated Arbitrary Ticket Deletion CWE-862 | 7.5 | - | 2022-02-07 |
All 5 known CVE vulnerabilities affecting SupportCandy – Helpdesk & Support Ticket System with full Chinese analysis, references, and POCs where available.