Medium severity6.1NVD Advisory· Published Dec 18, 2020· Updated Jun 17, 2026
CVE-2020-25901
CVE-2020-25901
Description
Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Spiceworks/Spiceworksdescription
- Range: = 7.5.7.0
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/160631/Spiceworks-7.5-HTTP-Header-Injection.htmlnvdExploitTechnical DescriptionThird Party AdvisoryVDB Entry
- frontend.spiceworks.com/topic/2309457-desktop-host-header-injection-vulnerabilitynvdExploitVendor Advisory
- github.com/Ramikan/Vulnerabilities/blob/master/Spiceworks%20version%207.5%20HTTP%20Header%20InjectionnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.