Total
19 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26982 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | N/A | 5.4 MEDIUM |
| Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. | |||||
| CVE-2022-1718 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | N/A | 7.5 HIGH |
| The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service. | |||||
| CVE-2022-1719 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | N/A | 5.4 MEDIUM |
| Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page | |||||
| CVE-2022-1803 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.9 MEDIUM | 6.9 MEDIUM |
| Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2022-1045 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. | |||||
| CVE-2022-1754 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2022-1752 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 6.0 MEDIUM | 8.0 HIGH |
| Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2022-1947 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1728 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. | |||||
| CVE-2022-1931 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 5.5 MEDIUM | 8.1 HIGH |
| Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1770 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2022-2023 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. | |||||
| CVE-2022-1775 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. | |||||
| CVE-2022-1290 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. | |||||
| CVE-2022-1044 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. | |||||
| CVE-2022-2128 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. | |||||
| CVE-2022-1808 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 6.5 MEDIUM | 8.8 HIGH |
| Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1893 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1926 | 1 Trudesk Project | 1 Trudesk | 2023-12-10 | 4.0 MEDIUM | 4.9 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. | |||||