Do you have an outdated version of “Submit a ticket” (Help Desk Software) by Kayako? You should read this!
(This will be less of a technical article and more of a warning to any site that uses an outdated version of the product, so that there will be no situation where I give people ideas on how to bypass it for XSS in an outdated version.)
First, let’s start with what Kayako is.
“Kayako is a customer service software company based in London, United Kingdom. Kayako builds customer service and help desk software which businesses use to talk to and support their customers. Kayako was founded in 2001 in Jalandhar, India and has since relocated its headquarters to London, United Kingdom. In addition to its London location, the company has offices in Gurgaon, India, and Singapore.” (Wikipedia)
One of the features of Kayako’s Help Desk Software is “Submit a ticket”: when customers of a company need help, they can “Submit a ticket” with their information, questions and pictures.
More than 100K companies, universities and governmental institutions use this product.
In the outdated versions of the “Submit a ticket” feature, users can submit some XSS payloads and get a shareable link to their ticket. This is called stored XSS. The vulnerability can harm the help desk workers and also anyone who accesses the shareable link. You can see a demo of this vulnerability, which I found in Comodo:
Note that this has been fixed in the latest versions, but I did manage to bypass it a couple of times and reported it.
I found XSS vulnerabilities in every outdated version of the “Submit a ticket” feature, except for the latest version (for now).
Companies, universities and governmental institutions that use this product:
Please update it or do not use it at all!
I tried to get a response from Kayako about it and about the risk for a lot of companies, universities and governmental institutions that use this product, but they didn’t respond to any of my emails or messages on their official Twitter.
If I get a response from Kayako in the future, I will add it to the article.