Trudesk_project Trudesk

20 CVEs affecting Trudesk_project Trudesk. Latest disclosed: 2024-06-24. Critical: 3, High: 5.

Top CVEs affecting Trudesk_project Trudesk
| CVE | Severity | Score | Published | Summary |
| --- | --- | --- | --- | --- |
| CVE-2022-2128 | Critical | 9.8 | 2022-06-20 | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. |
| CVE-2022-2023 | Critical | 9.8 | 2022-06-20 | Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. |
| CVE-2022-1775 | Critical | 9.8 | 2022-05-20 | Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1808 | High | 8.8 | 2022-05-31 | Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1770 | High | 8.8 | 2022-05-20 | Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1931 | High | 8.1 | 2022-05-31 | Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1752 | High | 8.0 | 2022-05-21 | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1718 | High | 7.5 | 2022-09-29 | The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Ser… |
| CVE-2022-1803 | Medium | 6.9 | 2022-05-20 | Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2021-45785 | Medium | 6.5 | 2024-06-24 | TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, c… |
| CVE-2022-1947 | Medium | 6.5 | 2022-05-31 | Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1754 | Medium | 6.5 | 2022-05-20 | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1728 | Medium | 6.5 | 2022-05-16 | Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by d… |
| CVE-2022-1044 | Medium | 6.5 | 2022-05-12 | Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. |
| CVE-2023-26982 | Medium | 5.4 | 2023-03-29 | Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. |
| CVE-2022-1719 | Medium | 5.4 | 2022-09-29 | Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript… |
| CVE-2022-1045 | Medium | 5.4 | 2022-04-11 | Stored XSS via .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. |
| CVE-2022-1290 | Medium | 5.4 | 2022-04-10 | Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the us… |
| CVE-2022-1926 | Medium | 4.9 | 2022-05-31 | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1893 | Medium | 4.6 | 2022-05-31 | Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. |