Skip to main content

Trudesk

19 CVEs product

Monthly

CVE-2023-26982 MEDIUM POC This Month

Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Trudesk
NVD GitHub
CVSS 3.1
5.4
EPSS
1.0%
CVE-2022-1719 MEDIUM POC PATCH This Month

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Trudesk
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-1718 HIGH POC PATCH This Week

The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Trudesk
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2022-2128 CRITICAL POC PATCH Act Now

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

File Upload Trudesk
NVD GitHub
CVSS 3.1
9.8
EPSS
2.7%
CVE-2022-2023 CRITICAL POC PATCH Act Now

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
9.8
EPSS
3.0%
CVE-2022-1947 MEDIUM POC PATCH This Month

Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2022-1893 MEDIUM POC PATCH This Month

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
5.3
EPSS
0.8%
CVE-2022-1808 HIGH POC PATCH This Week

Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Trudesk
NVD GitHub
CVSS 3.1
8.8
EPSS
3.4%
CVE-2022-1926 MEDIUM POC PATCH This Month

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Trudesk
NVD GitHub
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-1931 HIGH POC PATCH This Week

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
8.1
EPSS
2.0%
CVE-2022-1752 HIGH POC PATCH This Week

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Trudesk
NVD GitHub
CVSS 3.1
8.0
EPSS
2.2%
CVE-2022-1775 CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Brute Force Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-1803 MEDIUM POC PATCH This Month

Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Trudesk
NVD GitHub
CVSS 3.1
6.9
EPSS
1.5%
CVE-2022-1770 HIGH POC PATCH This Week

Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Trudesk
NVD GitHub
CVSS 3.1
8.8
EPSS
2.4%
CVE-2022-1754 MEDIUM POC PATCH This Month

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Trudesk
NVD GitHub
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-1728 MEDIUM POC PATCH This Month

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Trudesk
NVD GitHub
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-1044 MEDIUM POC PATCH This Month

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-1045 MEDIUM POC PATCH This Month

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS File Upload Trudesk
NVD GitHub
CVSS 3.1
5.4
EPSS
1.6%
CVE-2022-1290 MEDIUM POC PATCH This Month

Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Information Disclosure Trudesk
NVD GitHub
CVSS 3.1
5.4
EPSS
1.6%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket function. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Trudesk
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC PATCH This Month

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Trudesk
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Trudesk
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

File Upload Trudesk
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
EPSS 3% CVSS 8.8
HIGH POC PATCH This Week

Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Trudesk
NVD GitHub
EPSS 1% CVSS 4.9
MEDIUM POC PATCH This Month

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Trudesk
NVD GitHub
EPSS 2% CVSS 8.1
HIGH POC PATCH This Week

Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
EPSS 2% CVSS 8.0
HIGH POC PATCH This Week

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Trudesk
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC PATCH Act Now

Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Brute Force Information Disclosure Trudesk
NVD GitHub
EPSS 2% CVSS 6.9
MEDIUM POC PATCH This Month

Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Trudesk
NVD GitHub
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation Trudesk
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Trudesk
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Integer Overflow Trudesk
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Trudesk
NVD GitHub
EPSS 2% CVSS 5.4
MEDIUM POC PATCH This Month

Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS File Upload Trudesk
NVD GitHub
EPSS 2% CVSS 5.4
MEDIUM POC PATCH This Month

Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Information Disclosure Trudesk
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy