exploitDog

GHSA-qv5f-p8rc-6j2q

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.

Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.

Ссылки

EPSS

Процентиль: 62%

0.0043

Низкий

CVE ID

Связанные уязвимости

CVE-2020-23450

CVSS3: 5.4

nvd

больше 5 лет назад

Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.

EPSS

Процентиль: 62%

0.0043

Низкий

CVE ID