Skip to main content

Topdesk

4 CVEs product

Monthly

CVE-2023-34923 HIGH POC This Week

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Topdesk
NVD
CVSS 3.1
8.1
EPSS
0.7%
CVE-2018-10232 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Topdesk
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2018-10231 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Topdesk
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2017-7276 MEDIUM This Month

There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before 7.03.019. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Topdesk
NVD
CVSS 3.0
6.1
EPSS
0.3%
EPSS 1% CVSS 8.1
HIGH POC This Week

XML Signature Wrapping (XSW) in SAML-based Single Sign-on feature in TOPdesk v12.10.12 allows bad actors with credentials to authenticate with the Identity Provider (IP) to impersonate any TOPdesk. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Topdesk
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Topdesk
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Topdesk
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

There is reflected XSS in TOPdesk before 5.7.6 and 6.x and 7.x before 7.03.019. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Topdesk
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy