polonel / trudesk

:coffee: :seedling: Trudesk is an open-source help desk/ticketing solution.
http://trudesk.io

Multiple vulnerabilities found #631

Closed nunodsfernandes closed 1 year ago

nunodsfernandes commented 1 year ago

Is this a BUG REPORT or FEATURE REQUEST?:

What happened: Scans found multiple vulnerabilities on a vanilla Trudesk install.

Packages:

[REDACTED]

GH Reference [REDACTED]

What did you expect to happen: Any mitigation for these issues?

How to reproduce it (as minimally and precisely as possible): This was the result of a scan conducted by an external tool (Wiz Scan).

Anything else we need to know?:

Environment:

polonel commented 1 year ago

We utilize Snyk for vulnerability patching/testing. There is already an active PR for Mongoose and the others are unverified.

Please email security vulnerabilities directly or report them on https://huntr.dev to prevent exposure before a patch is available from the third-party maintainer.

Thus I am deleting this issue and encourage you to report them to my email or https://huntr.dev