Vulnerabilities found so far

CVE-2017-14320 (candidate)

Affected software

Mirasvit Helpdesk MX (version <1.5.3)

Description

Malcious file upload

How to exploit

There is no filter applied on uploaded files. User can upload any kind of file. However, the files are stored without extension, the attacker can upload a virus-infected file (even an executable). The administrator is able to download / run the file.

CVE-2017-14321 (candidate)

Affected software

Mirasvit Helpdesk MX (version <1.5.3)

Description

Multiple XSS vulnerabilities found.

The module does not filter user input properly.
(Customer name, Ticket subject)

How to exploit

Create a user in the magento store with script tags in the name (e.g.: John<script>alert(‘xss’)</script>)
The magento store handles it well, but when you enter a ticket in the helpdesk MX, your script will be run on the administrative interface.

Same method for the subject of the ticket.