Polonel/trudesk

CVEs (18)

CVE	CVSS	EPSS	Published	Description
CVE-2022-2128	—	0.00	Jun 20, 2022	Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-2023	—	0.00	Jun 20, 2022	Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-1947	—	0.01	May 31, 2022	Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1808	—	0.01	May 31, 2022	Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1893	—	0.00	May 31, 2022	Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1926	—	0.00	May 31, 2022	Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1931	—	0.00	May 31, 2022	Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1752	—	0.00	May 21, 2022	Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1775	—	0.00	May 20, 2022	Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1803	—	0.00	May 20, 2022	Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1770	—	0.00	May 20, 2022	Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1754	—	0.00	May 20, 2022	Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1728	—	0.00	May 16, 2022	Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1718	—	0.01	May 16, 2022	The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.
CVE-2022-1719	—	0.00	May 16, 2022	Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page
CVE-2022-1044	—	0.00	May 12, 2022	Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
CVE-2022-1045	—	0.00	Apr 11, 2022	Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
CVE-2022-1290	—	0.00	Apr 10, 2022	Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.

CVE-2022-2128Jun 20, 2022
risk 0.00cvss —epss 0.00
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-2023Jun 20, 2022
risk 0.00cvss —epss 0.00
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-1947May 31, 2022
risk 0.00cvss —epss 0.01
Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1808May 31, 2022
risk 0.00cvss —epss 0.01
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1893May 31, 2022
risk 0.00cvss —epss 0.00
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1926May 31, 2022
risk 0.00cvss —epss 0.00
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1931May 31, 2022
risk 0.00cvss —epss 0.00
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1752May 21, 2022
risk 0.00cvss —epss 0.00
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1775May 20, 2022
risk 0.00cvss —epss 0.00
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1803May 20, 2022
risk 0.00cvss —epss 0.00
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1770May 20, 2022
risk 0.00cvss —epss 0.00
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1754May 20, 2022
risk 0.00cvss —epss 0.00
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1728May 16, 2022
risk 0.00cvss —epss 0.00
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1718May 16, 2022
risk 0.00cvss —epss 0.01
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.
CVE-2022-1719May 16, 2022
risk 0.00cvss —epss 0.00
Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page
CVE-2022-1044May 12, 2022
risk 0.00cvss —epss 0.00
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
CVE-2022-1045Apr 11, 2022
risk 0.00cvss —epss 0.00
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
CVE-2022-1290Apr 10, 2022
risk 0.00cvss —epss 0.00
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.