CVE-2020-1548830.09.2020, 19:15Re:Desk 2.3 allows insecure file upload.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST7.5 HIGHNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NmitreCNA------CVEADP------Awaiting analysisThis vulnerability is currently awaiting analysis.Base ScoreCVSS 3.xEPSS ScorePercentile: 47%Known Exploits!https://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/https://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/Common Weakness EnumerationCWE-434 - Unrestricted Upload of File with Dangerous TypeThe software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.Referenceshttps://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/https://www.re-desk.com/download-help-desk-software.htmlhttps://labs.f-secure.com/advisories/redesk-v2-3-multiple-issues/https://www.re-desk.com/download-help-desk-software.html