|
Description
|
|
Two vulnerabilities have been reported in SpiceWorks, which can be exploited to conduct script insertion attacks.
1) Input passed via the title field to user_portal is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
2) Input passed via the "value" POST parameter to settings/advanced/save_system_setting (when "name" is set "pdf_header_color", "editorId" is set to "pdf_header_color_inplace", and "authenticity_token" and "_pickaxe" are set) is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed.
The vulnerabilities are reported in versions prior to 7.2.00195.
|
