Security Advisory

CVE-2020-23450

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-01 15:10:44

Last updated 2024-08-04 14:58:14

Assigner mitre

State PUBLISHED

Description

Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization.

← Browse all CVEs View on cve.org ↗