CVE-2023-49216 in Usedeskinfo

Summary

by MITRE • 11/24/2023

Usedesk before 1.7.57 allows profile stored XSS.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 03/02/2026

The vulnerability in Usedesk versions prior to 1.7.57 represents a critical stored cross-site scripting flaw that enables attackers to inject malicious code into user profiles, creating persistent security risks across the application ecosystem. This vulnerability falls under the CWE-79 category of Cross-Site Scripting, specifically classified as a stored XSS variant where malicious payloads are permanently stored on the server and executed whenever affected pages are loaded. The flaw occurs due to insufficient input validation and output encoding mechanisms within the profile management functionality, allowing attackers to submit crafted script code through user profile fields that are subsequently rendered without proper sanitization.

The operational impact of this vulnerability extends beyond simple data theft or defacement, as it provides adversaries with a persistent foothold within the application environment. When authenticated users view compromised profiles, their browsers execute the injected malicious scripts, potentially leading to session hijacking, credential theft, or redirection to malicious sites. The stored nature of this vulnerability means that once exploited, the malicious code remains active until manually removed from the system, creating ongoing exposure for all users who encounter the affected profile content. This type of vulnerability is particularly dangerous in business environments where user profiles contain sensitive information and may be accessed by multiple stakeholders throughout the organization.

Attackers can leverage this vulnerability through various techniques including but not limited to cookie stealing via document.cookie access, phishing redirection, or even more sophisticated payload delivery mechanisms that establish persistent command and control channels. The vulnerability aligns with ATT&CK technique T1531 which focuses on use of valid accounts for unauthorized access and persistence. Organizations utilizing Usedesk without proper patching measures face significant risk of unauthorized data access and potential system compromise. The attack surface expands when considering that compromised user profiles may be visible to other authenticated users, creating a chain reaction of potential security breaches.

Mitigation strategies should include immediate deployment of the patched version 1.7.57 or later, implementing comprehensive input validation and output encoding across all profile-related functionality, and establishing proper content security policies to prevent script execution in user-generated content areas. Additionally, organizations should conduct regular security assessments of third-party applications, implement web application firewalls for additional protection layers, and establish monitoring procedures to detect anomalous activity patterns that may indicate exploitation attempts. The vulnerability also highlights the importance of maintaining up-to-date software versions and implementing robust patch management processes to prevent similar issues in other components of the security infrastructure.

Reservation

11/23/2023

Disclosure

11/24/2023

Moderation

accepted

CPE

ready

EPSS

0.00388

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!