Vulnerabilities > Spiceworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-09 | CVE-2021-43609 | SQL Injection vulnerability in Spiceworks Help Desk Server An issue was discovered in Spiceworks Help Desk Server before 1.3.3. | 8.8 |
| 2020-09-15 | CVE-2020-23451 | Cross-Site Request Forgery (CSRF) vulnerability in Spiceworks Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function. | 8.8 |