Vulnerabilities > Uvdesk
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-23 | CVE-2023-37635 | Improper Restriction of Excessive Authentication Attempts vulnerability in Uvdesk Community-Skeleton 1.1.1 UVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application. | 9.8 |
2023-04-04 | CVE-2023-0265 | Unrestricted Upload of File with Dangerous Type vulnerability in Uvdesk Community-Skeleton 1.1.1 Uvdesk version 1.1.1 allows an authenticated remote attacker to execute commands on the server. | 8.8 |
2023-04-04 | CVE-2023-0325 | Cross-site Scripting vulnerability in Uvdesk Community-Skeleton 1.1.1 Uvdesk version 1.1.1 allows an unauthenticated remote attacker to exploit a stored XSS in the application. | 6.1 |
2023-03-06 | CVE-2023-1197 | Unspecified vulnerability in Uvdesk Community-Skeleton Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0. | 4.8 |