Skip to main content

Insecure Storage of Sensitive Information

CVE-2022-1044

Severity High
Score 8.2/10

Summary

Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.

  • LOW
  • NETWORK
  • LOW
  • CHANGED
  • REQUIRED
  • LOW
  • LOW
  • HIGH

CWE-922 - Insecure Storage of Sensitive Information

The software stores sensitive information without properly limiting read or write access by unauthorized actors.

References

Advisory Timeline

  • Published