Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This issue affects Pandora FMS: from 700 through 774.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: PandoraFMS

Published: 2023-12-29T11:45:23.493Z

Updated: 2023-12-29T11:45:23.493Z

Reserved: 2023-09-01T12:10:03.869Z


Link: CVE-2023-41814

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-12-29T12:15:43.487

Modified: 2024-01-05T04:51:23.907


Link: CVE-2023-41814

JSON object: View

cve-icon Redhat Information

No data.

CWE