Product
helpy.io helpy
6 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-40230
CVE-2026-40229
CVE-2025-52184
CVE-2023-0357
CVE-2018-20851
CVE-2018-18886
all versions
Helpy contains a stored cross-site scripting vulnerability in the knowledge base Doc rendering logic. An authenticated attacker wi
all versions
Helpy contains a stored cross-site scripting vulnerability in the post author display logic. Any registered user can persist arbit
all versions
Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote attacker to escalate privileges via the New Topic Ticket fu
all versions
Helpy version 2.8.0 allows an unauthenticated remote attacker to exploit an XSS stored in the application. This is possible becaus
< 2.2.0
Helpy before 2.2.0 allows agents to edit admins.
< 2.2.0
Helpy v2.1.0 has Stored XSS via the Ticket title.