Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This issue affects Pandora FMS: from 700 through 774.
References
Link | Resource |
---|---|
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: PandoraFMS
Published: 2023-12-29T11:45:23.493Z
Updated: 2023-12-29T11:45:23.493Z
Reserved: 2023-09-01T12:10:03.869Z
Link: CVE-2023-41814
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-29T12:15:43.487
Modified: 2024-01-05T04:51:23.907
Link: CVE-2023-41814
JSON object: View
Redhat Information
No data.
CWE