exploitDog

GHSA-9mw4-fp5g-pcj4

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.

Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.

Ссылки

EPSS

Процентиль: 35%

0.00145

Низкий

CVE ID

Связанные уязвимости

CVE-2020-23451

CVSS3: 8.8

nvd

больше 5 лет назад

Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.

EPSS

Процентиль: 35%

0.00145

Низкий

CVE ID