Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

polonel/trudesk — Vulnerabilities & Security Advisories 18

All 18 CVE vulnerabilities found in polonel/trudesk, with AI-generated Chinese analysis, references, and POCs.

Vendor: polonel

CVE IDTitleCVSSSeverityPublished
CVE-2022-2128 Unrestricted Upload of File with Dangerous Type in polonel/trudesk CWE-434 8.0 -2022-06-20
CVE-2022-2023 Incorrect Use of Privileged APIs in polonel/trudesk CWE-648 8.8 -2022-06-20
CVE-2022-1947 Use of Incorrect Operator in polonel/trudesk CWE-480 6.5 -2022-05-31
CVE-2022-1808 Execution with Unnecessary Privileges in polonel/trudesk CWE-250 8.8 -2022-05-31
CVE-2022-1893 Improper Removal of Sensitive Information Before Storage or Transfer in polonel/trudesk CWE-212 4.6 Medium2022-05-31
CVE-2022-1926 Integer Overflow or Wraparound in polonel/trudesk CWE-190 7.5 -2022-05-31
CVE-2022-1931 Incorrect Synchronization in polonel/trudesk CWE-821 8.8 -2022-05-31
CVE-2022-1752 Unrestricted Upload of File with Dangerous Type in polonel/trudesk CWE-434 8.0 -2022-05-21
CVE-2022-1775 Weak Password Requirements in polonel/trudesk CWE-521 9.8 -2022-05-20
CVE-2022-1803 Improper Restriction of Rendered UI Layers or Frames in polonel/trudesk CWE-1021 8.2 -2022-05-20
CVE-2022-1770 Improper Privilege Management in polonel/trudesk CWE-269 8.8 -2022-05-20
CVE-2022-1754 Integer Overflow or Wraparound in polonel/trudesk CWE-190 7.5 -2022-05-20
CVE-2022-1728 Allowing long password leads to denial of service in polonel/trudesk in polonel/trudesk CWE-190 6.5 -2022-05-16
CVE-2022-1718 The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in polonel/trudesk CWE-190 6.5 -2022-05-16
CVE-2022-1719 Reflected XSS on ticket filter function in polonel/trudesk CWE-79 5.4 -2022-05-16
CVE-2022-1044 Sensitive Data Exposure Due To Insecure Storage Of Profile Image in polonel/trudesk CWE-922 5.7 -2022-05-12
CVE-2022-1045 Stored XSS viva .svg file upload in polonel/trudesk CWE-434 5.4 -2022-04-11
CVE-2022-1290 Stored XSS in "Name", "Group Name" & "Title" in polonel/trudesk CWE-79 5.4 -2022-04-10

All 18 known CVE vulnerabilities affecting polonel/trudesk with full Chinese analysis, references, and POCs where available.