trudesk project trudesk
20 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
| CVE | Affected versions | CVSS | Severity | Description |
|---|---|---|---|---|
| CVE-2021-45785 | all versions | 6.5 | MEDIUM | TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an atta |
| CVE-2023-26982 | all versions | 5.4 | MEDIUM | Trudesk v1.2.6 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Tags parameter under the Cr |
| CVE-2022-1719 | < 1.2.2 | 5.4 | MEDIUM | Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of exec |
| CVE-2022-1718 | < 1.2.2 | 7.5 | HIGH | The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attac |
| CVE-2022-2128 | < 1.2.4 | 9.8 | CRITICAL | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4. |
| CVE-2022-2023 | < 1.2.4 | 9.8 | CRITICAL | Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. |
| CVE-2022-1947 | < 1.2.3 | 6.5 | MEDIUM | Use of Incorrect Operator in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1893 | < 1.2.3 | 4.6 | MEDIUM | Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1808 | < 1.2.3 | 8.8 | HIGH | Execution with Unnecessary Privileges in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1926 | < 1.2.3 | 4.9 | MEDIUM | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1931 | < 1.2.3 | 8.1 | HIGH | Incorrect Synchronization in GitHub repository polonel/trudesk prior to 1.2.3. |
| CVE-2022-1752 | < 1.2.2 | 8.0 | HIGH | Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1775 | < 1.2.2 | 9.8 | CRITICAL | Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1803 | < 1.2.2 | 6.9 | MEDIUM | Improper Restriction of Rendered UI Layers or Frames in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1770 | < 1.2.2 | 8.8 | HIGH | Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1754 | < 1.2.2 | 6.5 | MEDIUM | Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. |
| CVE-2022-1728 | < 1.2.2 | 6.5 | MEDIUM | Allowing long password leads to denial of service in polonel/trudesk in GitHub repository polonel/trudesk prior to 1.2.2. This vul |
| CVE-2022-1044 | < 1.2.1 | 6.5 | MEDIUM | Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1. |
| CVE-2022-1045 | < 1.2.0 | 5.4 | MEDIUM | Stored XSS via .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0. |
| CVE-2022-1290 | < 1.2.0 | 5.4 | MEDIUM | Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execut |
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin