PT-2022-14174 · Unknown · Polonel/Trudesk

Published

2022-05-31

Updated

2023-08-02

CVE-2022-1893

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions polonel/trudesk versions prior to 1.2.3

Description The issue concerns the exposure of sensitive information to unauthorized actors due to improper removal of sensitive information before storage or transfer. This affects the GitHub repository polonel/trudesk.

Recommendations For versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information stored or transferred by the repository until the update is applied.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-212

Related Identifiers

CVE-2022-1893

Affected Products

Polonel/Trudesk

PT-2022-14174 · Unknown · Polonel/Trudesk

CVE-2022-1893

Weakness Enumeration

Related Identifiers

Affected Products

References · 7