Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TruDesk Help Desk/Ticketing Solution v1.1.11 is vulnerable to a Cross-Site Request Forgery (CSRF) attack which would allow an attacker to restart the server, causing a DoS attack. The attacker must craft a webpage that would perform a GET request to the /api/v1/admin/restart endpoint, then the victim (who has sufficient privileges), would visit the page and the server restart would begin. The attacker must know the full URL that TruDesk is on in order to craft the webpage.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Trudesk 安全漏洞
Vulnerability Description
Trudesk是Trudesk公司的一个开源帮助台/票务解决方案。 TruDesk Help Desk/Ticketing Solution v1.1.11版本存在安全漏洞。攻击者利用该漏洞可以重启服务器,从而引发拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A