CVE-2020-25901

Medium

Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned…

mitre·CWE-601·Published 2020-12-18

CVSS

6.1

EPSS

0.05

KEV

Exploits

cve.orgen

161 chars

Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.

NVDen

161 chars

Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.

Una Inyección de Encabezado Host en Spiceworks versión 7.5.7.0, permite al atacante generar enlaces arbitrarios que apuntan hacia un sitio web malicioso con páginas web de encabezado Host envenenadas

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.1	Primary	NVD	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N