Browse all 5 CVE security advisories affecting GestSup. AI-powered Chinese analysis, POCs, and references for each vulnerability.
GestSup is IT help desk and asset management software designed for tracking technical issues and managing organizational resources. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its five recorded CVEs. These weaknesses often stem from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform without implementing additional security measures or timely patching.
| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-22196 | GestSup < 3.2.60 SQL Injection in Ticket Creation | CWE-89 | 8.1 | - | 2026-01-09 |
| CVE-2026-22198 | GestSup < 3.2.60 Stored XSS in API Error Logs | CWE-79 | 6.1 | - | 2026-01-09 |
| CVE-2026-22197 | GestSup < 3.2.60 Multiple SQL Injections in Asset List | CWE-89 | 8.1 | - | 2026-01-09 |
| CVE-2026-22195 | GestSup < 3.2.60 SQL Injection in Search Bar | CWE-89 | 8.8 | - | 2026-01-09 |
| CVE-2026-22194 | GestSup <= 3.2.56 CSRF Allows Privileged Actions | CWE-352 | 8.8 | - | 2026-01-09 |
This page lists every published CVE security advisory associated with GestSup. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.