uvdesk/community-skeleton

uvdesk/community-skeleton

Releases26

Frequency2 months 3 weeks

Last Release 9 months ago

Stars18.7K

UVdesk Open Source Community Helpdesk is a comprehensive ticketing support system designed for everyone, offering robust features to streamline customer support and collaboration.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-0265 ↗	Apr 4, 2023Tuesday, 4 April 2023, 22:15	8.8 HIGH	—
Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. This is possible because the application does not properly validate profile pictures uploaded by customers.
CVE-2023-0325 ↗	Apr 4, 2023Tuesday, 4 April 2023, 22:15	6.1 MEDIUM	—
Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. This is possible because the application does not correctly validate the message sent by the clients in the ticket.
CVE-2023-1197 ↗	Mar 6, 2023Monday, 6 March 2023, 16:15	4.8 MEDIUM	—
Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0.