Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Create Ticket...
5.4CVSS
5.3AI Score
0.001EPSS
Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web...
5.4CVSS
5.3AI Score
0.001EPSS
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of...
7.5CVSS
7.3AI Score
0.003EPSS
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to...
9.8CVSS
9.5AI Score
0.002EPSS
9.8CVSS
9.6AI Score
0.002EPSS
6.5CVSS
6.5AI Score
0.001EPSS
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to...
5.3CVSS
5.3AI Score
0.001EPSS
Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to...
8.8CVSS
8.8AI Score
0.001EPSS
4.9CVSS
5.2AI Score
0.001EPSS
8.1CVSS
8.1AI Score
0.001EPSS
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to...
8CVSS
7.8AI Score
0.001EPSS
9.8CVSS
9.5AI Score
0.002EPSS
Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to...
6.9CVSS
6.7AI Score
0.001EPSS
8.8CVSS
8.7AI Score
0.001EPSS
6.5CVSS
6.5AI Score
0.001EPSS
Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability can be abused by doing a DDoS attack for which genuine users will not able to access...
6.5CVSS
6.4AI Score
0.001EPSS
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to...
6.5CVSS
6.4AI Score
0.001EPSS
5.4CVSS
5.2AI Score
0.001EPSS
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and...
5.4CVSS
5.3AI Score
0.001EPSS