Product:

Trudesk

(Trudesk_project)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 20
Date Id Summary Products Score Patch Annotated
2023-03-29 CVE-2023-26982 Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. Trudesk 5.4
2022-04-10 CVE-2022-1290 Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse. Trudesk 5.4
2022-04-11 CVE-2022-1045 Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. Trudesk 5.4
2022-05-12 CVE-2022-1044 Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. Trudesk 6.5
2022-05-16 CVE-2022-1728 Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications. Trudesk 6.5
2022-05-20 CVE-2022-1754 Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. Trudesk 6.5
2022-05-20 CVE-2022-1770 Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. Trudesk 8.8
2022-05-20 CVE-2022-1803 Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. Trudesk 6.9
2022-05-20 CVE-2022-1775 Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Trudesk 9.8
2022-05-21 CVE-2022-1752 Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. Trudesk 8.0