polonel/trudesk

GitHub

github.com

trudesk.io

Releases56

Frequency1 month 4 weeks

Last Release almost 2 years ago

Stars1.49K

:coffee: :seedling: Trudesk is an open-source help desk/ticketing solution.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-26982 ↗	Mar 29, 2023Wednesday, 29 March 2023, 15:15	5.4 MEDIUM	—
Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function.
CVE-2022-1718 ↗	Sep 29, 2022Thursday, 29 September 2022, 03:15	7.5 HIGH	—
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.
CVE-2022-1719 ↗	Sep 29, 2022Thursday, 29 September 2022, 03:15	5.4 MEDIUM	—
Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page
CVE-2022-2128 ↗	Jun 20, 2022Monday, 20 June 2022, 17:15	9.8 CRITICAL	7.5 HIGH
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-2023 ↗	Jun 20, 2022Monday, 20 June 2022, 04:15	9.8 CRITICAL	7.5 HIGH
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
CVE-2022-1947 ↗	May 31, 2022Tuesday, 31 May 2022, 23:15	6.5 MEDIUM	4 MEDIUM
Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1893 ↗	May 31, 2022Tuesday, 31 May 2022, 22:15	4.6 MEDIUM	5 MEDIUM
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1808 ↗	May 31, 2022Tuesday, 31 May 2022, 22:15	8.8 HIGH	6.5 MEDIUM
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1926 ↗	May 31, 2022Tuesday, 31 May 2022, 09:15	4.9 MEDIUM	4 MEDIUM
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1931 ↗	May 31, 2022Tuesday, 31 May 2022, 02:15	8.1 HIGH	5.5 MEDIUM
Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3.
CVE-2022-1752 ↗	May 21, 2022Saturday, 21 May 2022, 03:15	8 HIGH	6 MEDIUM
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1775 ↗	May 20, 2022Friday, 20 May 2022, 23:15	9.8 CRITICAL	7.5 HIGH
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1803 ↗	May 20, 2022Friday, 20 May 2022, 22:16	6.9 MEDIUM	4.9 MEDIUM
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1770 ↗	May 20, 2022Friday, 20 May 2022, 18:15	8.8 HIGH	6.5 MEDIUM
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1754 ↗	May 20, 2022Friday, 20 May 2022, 07:15	6.5 MEDIUM	4 MEDIUM
Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1728 ↗	May 16, 2022Monday, 16 May 2022, 15:15	6.5 MEDIUM	4 MEDIUM
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access resources/applications.
CVE-2022-1044 ↗	May 12, 2022Thursday, 12 May 2022, 08:15	6.5 MEDIUM	4.3 MEDIUM
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
CVE-2022-1045 ↗	Apr 11, 2022Monday, 11 April 2022, 07:15	5.4 MEDIUM	3.5 LOW
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
CVE-2022-1290 ↗	Apr 10, 2022Sunday, 10 April 2022, 16:15	5.4 MEDIUM	3.5 LOW
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.