Trudesk_project Trudesk
20 CVEs affecting Trudesk_project Trudesk. Latest disclosed: 2024-06-24. Critical: 3, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-2128 | Critical | 9.8 | 2022-06-20 | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. |
CVE-2022-2023 | Critical | 9.8 | 2022-06-20 | Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. |
CVE-2022-1775 | Critical | 9.8 | 2022-05-20 | Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. |
CVE-2022-1808 | High | 8.8 | 2022-05-31 | Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. |
CVE-2022-1770 | High | 8.8 | 2022-05-20 | Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. |
CVE-2022-1931 | High | 8.1 | 2022-05-31 | Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. |
CVE-2022-1752 | High | 8.0 | 2022-05-21 | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. |
CVE-2022-1718 | High | 7.5 | 2022-09-29 | The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Ser… |
CVE-2022-1803 | Medium | 6.9 | 2022-05-20 | Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. |
CVE-2021-45785 | Medium | 6.5 | 2024-06-24 | TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, c… |
CVE-2022-1947 | Medium | 6.5 | 2022-05-31 | Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. |
CVE-2022-1754 | Medium | 6.5 | 2022-05-20 | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. |
CVE-2022-1728 | Medium | 6.5 | 2022-05-16 | Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by d… |
CVE-2022-1044 | Medium | 6.5 | 2022-05-12 | Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. |
CVE-2023-26982 | Medium | 5.4 | 2023-03-29 | Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. |
CVE-2022-1719 | Medium | 5.4 | 2022-09-29 | Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript… |
CVE-2022-1045 | Medium | 5.4 | 2022-04-11 | Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. |
CVE-2022-1290 | Medium | 5.4 | 2022-04-10 | Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the us… |
CVE-2022-1926 | Medium | 4.9 | 2022-05-31 | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. |
CVE-2022-1893 | Medium | 4.6 | 2022-05-31 | Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. |