cvedb.io
CVE-2023-0357
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2023-04-04T23:15:07.153 · Last modified 2026-06-17T05:25:21.430

Summary

Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible because the application does not correctly validate the attachments sent by customers in the ticket.

Affected products

helpy.io — helpy

Does this affect you?

Add your gear to cvedb and we'll alert you only when helpy.io ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.