Shodan
Vulnerabilities
Vulnerable Software
Spiceworks:  >> Spiceworks  >> 7.3  Security Vulnerabilities
CVE-2020-23451
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
CVSS Score
8.8
EPSS Score
0.001
Published
2020-09-15
CVE-2020-23450
Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.
CVSS Score
5.4
EPSS Score
0.004
Published
2020-09-01


Products
Pricing
Contact Us

Shodan ® - All rights reserved