CVE-2022-1752 — CVSS 8.0 (high): Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2022-1718 — CVSS 7.5 (high): The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to…
CVE-2022-1803 — CVSS 6.9 (medium): Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2.
CVE-2021-45785 — CVSS 6.5 (medium): TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to…
CVE-2022-1044 — CVSS 6.5 (medium): Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
CVE-2022-1728 — CVSS 6.5 (medium): Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This…
CVE-2022-1719 — CVSS 5.4 (medium): Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a…
CVE-2023-26982 — CVSS 5.4 (medium): Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create…
CVE-2022-1290 — CVSS 5.4 (medium): Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute…
CVE-2022-1893 — CVSS 4.6 (medium): Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3.