exploitDog

GHSA-h49p-mcch-pq9g

Опубликовано: 22 авг. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.3

Описание

Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.

Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.

Ссылки

EPSS

Процентиль: 53%

0.00299

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-24514

CVSS3: 6.3

nvd

больше 2 лет назад

Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.

EPSS

Процентиль: 53%

0.00299

Низкий

6.3 Medium

CVSS3

CVE ID

Дефекты

CWE-79