18 matches found
EUVD-2023-41517
Malicious code in bioql PyPI...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2024-3137 Improper Privilege Management in uvdesk/community-skeleton
Improper Privilege Management in uvdesk/community-skeleton...
PT-2024-24015 · Unknown · Uvdesk Community Skeleton
Name of the Vulnerable Software and Affected Versions: uvdesk/community-skeleton affected versions not specified Description: The issue concerns improper privilege management. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
CVE-2023-37635
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
Cross site scripting
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
Code injection
UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application...
PT-2023-26052 · Unknown · Uvdesk Community Skeleton
Name of the Vulnerable Software and Affected Versions: UVDesk Community Skeleton version 1.1.1 Description: The issue allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. This can be done through the login page, allowing attackers to...
CVE-2023-37636
CVE-2023-37636 concerns UVDesk Community Skeleton v1.1.1, with a stored XSS vulnerability in the Message field used when creating a ticket. The issue allows attackers to inject arbitrary web scripts/HTML, potentially affecting users who view crafted tickets. The primary technical detail across so...
CVE-2023-37636
A stored cross-site scripting XSS vulnerability in UVDesk Community Skeleton v1.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Message field when creating a ticket...
uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
CVE-2023-1197
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
CVE-2023-1197 Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
CVE-2023-1197 Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton
Cross-site Scripting XSS - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0...
PT-2023-16813 · Unknown · Uvdesk Community Skeleton
Name of the Vulnerable Software and Affected Versions: uvdesk/community-skeleton versions prior to 1.1.0 Description: The issue is related to Cross-site Scripting XSS - Stored, which occurs when an application stores user input and later displays it without proper validation or escaping, allowing...