CVE-2019-25263
Unknown Unknown - Not Provided
Persistent XSS in Zendesk SweetHawk Survey 1.6 via Ticket Submissions

Publication date: 2026-02-03

Last updated on: 2026-02-03

Assigner: VulnCheck

Description
Zendesk SweetHawk Survey 1.6 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through support ticket submissions. Attackers can insert XSS payloads like script tags into ticket text that automatically execute when survey pages are loaded by other users.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-03
Generated
2026-06-16
AI Q&A
2026-02-03
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25263
EUVD
EUVD-2019-19382
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
zendesk sweethawk_survey to 1.6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2019-25263 is a persistent cross-site scripting (XSS) vulnerability found in Zendesk SweetHawk Survey version 1.6 and earlier. It allows attackers to inject malicious scripts into support ticket submissions by embedding XSS payloads, such as script tags, within the ticket text.

These malicious scripts then automatically execute when other users load the survey pages, potentially compromising the confidentiality and integrity of the application.

Impact Analysis

This vulnerability enables attackers to execute arbitrary JavaScript code in the browsers of users who visit the affected survey pages without requiring any user interaction.

  • Attackers can hijack user sessions.
  • Attackers can steal sensitive data.
  • It can lead to unauthorized actions performed on behalf of users.
  • Overall, it poses a medium severity threat to the confidentiality and integrity of the system.
Detection Guidance

This vulnerability can be detected by submitting test payloads containing common XSS scripts, such as <script>alert(1);</script>, through Zendesk support ticket submissions and then observing if the payload executes when the survey pages are loaded.

Since the vulnerability involves persistent cross-site scripting via ticket text, detection involves monitoring ticket submissions for suspicious script tags or payloads and verifying if these scripts execute in the survey page context.

No specific network or system commands are provided in the available resources for automated detection.

Mitigation Strategies

Immediate mitigation steps include avoiding the use of Zendesk SweetHawk Survey version 1.6 or earlier until a patch or update is available.

Additionally, monitor and sanitize all support ticket inputs to prevent injection of malicious scripts.

Implement web application firewall (WAF) rules to detect and block common XSS payloads in ticket submissions.

Restrict privileges and user interactions where possible to limit the impact of potential exploitation.

Compliance Impact

[{'type': 'paragraph', 'content': 'The persistent cross-site scripting (XSS) vulnerability in Zendesk SweetHawk Survey 1.6 allows attackers to inject malicious scripts that execute in the browsers of users viewing affected survey pages. This can lead to unauthorized access to sensitive information, session hijacking, and data theft, which may compromise the confidentiality and integrity of user data.'}, {'type': 'paragraph', 'content': "Such compromises can negatively impact compliance with data protection regulations like GDPR and HIPAA, which require organizations to protect personal and sensitive data from unauthorized access and breaches. The vulnerability's potential to expose or manipulate user data could result in violations of these standards, leading to legal and regulatory consequences."}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25263. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart