| Max CVSS | 6.8 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-23451 | 6.8 |
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
|
18-09-2020 - 20:21 | 15-09-2020 - 14:15 | |
| CVE-2020-23450 | 3.5 |
Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.
|
08-09-2020 - 17:02 | 01-09-2020 - 16:15 |