Описание
Cross-site scripting in Centreon
Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts page.
Пакеты
Наименование
centreon/centreon
composer
Затронутые версииВерсия исправления
< 20.10.7
20.10.7
Связанные уязвимости
CVSS3: 5.4
nvd
больше 4 лет назад
Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts page.