Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
trudesk vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-1045
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
Trudesk Project Trudesk
9.8
CVSSv3
CVE-2022-2128
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk before 1.2.4.
Trudesk Project Trudesk
5.4
CVSSv3
CVE-2022-1290
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows malicious users to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, ...
Trudesk Project Trudesk
4.9
CVSSv3
CVE-2022-1926
Integer Overflow or Wraparound in GitHub repository polonel/trudesk before 1.2.3.
Trudesk Project Trudesk
8.1
CVSSv3
CVE-2022-1931
Incorrect Synchronization in GitHub repository polonel/trudesk before 1.2.3.
Trudesk Project Trudesk
6.5
CVSSv3
CVE-2022-1947
Use of Incorrect Operator in GitHub repository polonel/trudesk before 1.2.3.
Trudesk Project Trudesk
6.5
CVSSv3
CVE-2022-1044
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
Trudesk Project Trudesk
7.5
CVSSv3
CVE-2022-1718
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow malicious users to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk before 1.2.2. This can lead to...
Trudesk Project Trudesk
5.4
CVSSv3
CVE-2022-1719
Reflected XSS on ticket filter function in GitHub repository polonel/trudesk before 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page
Trudesk Project Trudesk
6.5
CVSSv3
CVE-2022-1728
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk before 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
Trudesk Project Trudesk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »