Описание
Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 767 (включая)
cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00299
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.3
github
больше 2 лет назад
Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.
EPSS
Процентиль: 53%
0.00299
Низкий
6.3 Medium
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
CWE-79