Community Skeleton
by Uvdesk
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-37635 | 0.01 | — | 0.01 | Oct 23, 2023 | UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. | |||
| CVE-2023-37636 | 0.00 | — | 0.00 | Oct 23, 2023 | A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket. | |||
| CVE-2023-1197 | 0.00 | — | 0.00 | Mar 6, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0. |
- CVE-2023-37635Oct 23, 2023risk 0.01cvss —epss 0.01
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application.
- CVE-2023-37636Oct 23, 2023risk 0.00cvss —epss 0.00
A stored cross-site scripting (XSS) vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket.
- CVE-2023-1197Mar 6, 2023risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0.