exploitDog

GHSA-m3jx-mhc8-m96j

Опубликовано: 23 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.4

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integrity of some configuration files. This issue affects Pandora FMS: from 700 through 773.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integrity of some configuration files. This issue affects Pandora FMS: from 700 through 773.

Ссылки

EPSS

Процентиль: 36%

0.00153

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2023-41791

CVSS3: 8.4

nvd

около 2 лет назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integrity of some configuration files. This issue affects Pandora FMS: from 700 through 773.

EPSS

Процентиль: 36%

0.00153

Низкий

8.4 High

CVSS3

CVE ID

Дефекты

CWE-79