Help Desk Server: Elasticsearch log4j vulnerability
Note: See this post for our latest updates to the broader evolving log4j2 vulnerability situation.--Publish Date: Dec. 14, 2021SummaryWe're investigating the log4j vulnerability and potential impacts...
View ArticleCloud Help Desk & Community Elasticsearch log4j vulnerability
Note: Also see this post for our latest updates to the broader evolving log4j2 vulnerability situation.--Publish Date: Dec. 17, 2021SummaryWe have investigated the log4j vulnerability, and have taken...
View ArticleCloud Help Desk erroneously CC'd email addresses
Publish Date: Aug 10, 2022SummaryWe were made aware of an issue in the Spiceworks Cloud Help Desk (CHD) in which, when a certain set of actions were taken, recipients within your organization could be...
View ArticleCommunity & Cloud Help Desk XSS vulnerabilities
Publish Date: Aug 30, 2022SummaryWe've identified and fixed multiple issues in Cloud Help Desk and Community that could present a stored cross-site scripting (XSS) vulnerability. Areas with...
View ArticleCloud Help Desk XSS and HTML injection vulnerabilities
Publish Date: Sept 8, 2022SummaryWe've identified and fixed multiple issues in Cloud Help Desk. One that could present a stored cross-site scripting (XSS) vulnerability and one HTML injection...
View Article