Описание
Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows attacker to cause that users cookie value will be transferred to the attackers users server. This issue affects Pandora FMS v767 version and prior versions on all platforms.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 767 (включая)
cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00257
Низкий
6.7 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.7
github
больше 2 лет назад
Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows attacker to cause that users cookie value will be transferred to the attackers users server. This issue affects Pandora FMS v767 version and prior versions on all platforms.
EPSS
Процентиль: 49%
0.00257
Низкий
6.7 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79