Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-01T15:10:44
Updated: 2024-08-04T14:58:14.994Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23450
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-09-01T16:15:12.240
Modified: 2020-09-08T17:02:56.763
Link: CVE-2020-23450
Redhat
No data.