Vulnerabilities > Spiceworks > Spiceworks > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-23451 Cross-Site Request Forgery (CSRF) vulnerability in Spiceworks
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
network
low complexity
spiceworks CWE-352
8.8
8.8