exploitDog

CVE-2023-41810

Опубликовано: 23 нояб. 2023

Источник: nvd

CVSS3: 4

CVSS3: 6.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets' text box. This issue affects Pandora FMS: from 700 through 773.

Ссылки

https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
Vendor Advisory
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:*

Версия от 700 (включая) до 773 (включая)

EPSS

Процентиль: 13%

0.00044

Низкий

4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-hfw3-q2jj-8hfw

CVSS3: 4

github

около 2 лет назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets' text box. This issue affects Pandora FMS: from 700 through 773.

EPSS

Процентиль: 13%

0.00044

Низкий

4 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79