Every CVE whose affected-product data names Re-desk Re:desk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-15487 — CVSS 9.8 (critical): Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.ph…
CVE-2020-15849 — CVSS 7.2 (high): Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. A…