Описание
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| xymon | fixed | 4.3.29-1 | package | |
| xymon | fixed | 4.3.28-5+deb10u1 | buster | package |
| xymon | fixed | 4.3.28-2+deb9u1 | stretch | package |
Примечания
https://lists.xymon.com/archive/2019-July/046570.html
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 6 лет назад
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
CVSS3: 6.1
nvd
около 6 лет назад
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
CVSS3: 6.1
github
больше 3 лет назад
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.