CVE-2020-23451

Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
References
Link Resource
http://spiceworks.com Product
https://abuyv.com/cve/spiceworks-csrf-via-xss Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:spiceworks:spiceworks:*:*:*:*:*:*:*:*

Information

Published : 2020-09-15 07:15

Updated : 2020-09-18 13:21


NVD link : CVE-2020-23451

Mitre link : CVE-2020-23451


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

spiceworks

  • spiceworks