Vulnerabilities > Spiceworks > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-18 | CVE-2020-25901 | Open Redirect vulnerability in Spiceworks 7.5.7.0 Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages. | 6.1 |
| 2020-09-01 | CVE-2020-23450 | Cross-site Scripting vulnerability in Spiceworks Spiceworks Version <= 7.5.00107 is affected by XSS. | 5.4 |
| 2017-04-10 | CVE-2015-6021 | Cross-site Scripting vulnerability in Spiceworks Desktop Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response. | 6.1 |