{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-01-09T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "78454", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/78454"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"}, {"name": "51632", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/51632"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a"}, {"name": "47646", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/47646"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"}, {"name": "opennms-username-xss(72625)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-0936", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "78454", "refsource": "OSVDB", "url": "http://osvdb.org/78454"}, {"name": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs", "refsource": "CONFIRM", "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"}, {"name": "51632", "refsource": "BID", "url": "http://www.securityfocus.com/bid/51632"}, {"name": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel", "refsource": "CONFIRM", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"}, {"name": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a", "refsource": "CONFIRM", "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a"}, {"name": "47646", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/47646"}, {"name": "http://issues.opennms.org/browse/NMS/fixforversion/10825", "refsource": "CONFIRM", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"}, {"name": "opennms-username-xss(72625)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T18:45:25.990Z"}, "title": "CVE Program Container", "references": [{"name": "78454", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/78454"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"}, {"name": "51632", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/51632"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a"}, {"name": "47646", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/47646"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"}, {"name": "opennms-username-xss(72625)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-0936", "datePublished": "2012-01-29T02:00:00.000Z", "dateReserved": "2012-01-28T00:00:00.000Z", "dateUpdated": "2024-08-06T18:45:25.990Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "E825AF81-4946-4C22-8484-52B69CCF4006", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "6B917DE1-CEA0-4BC4-9697-3A2719E65DC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "FDFF1558-4EBB-4DE5-B440-B98C2C6DA414", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "418D5C9C-1E98-4D6E-8A97-3871F62C2DCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "7D318778-18CF-48F4-A20C-FADFCCE05750", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "700B7746-9584-4DFD-8AAF-8D792D5138B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "046E274A-A971-43C2-8388-DC533B193EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "D691D5C3-F5B9-46CE-976E-5A5E732369F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "197B6AED-0069-421D-AAD2-D2C6FA30BD8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "60DA7B55-C887-4C4A-AA6E-7AB06F8E2429", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.10:*:*:*:*:*:*:*", "matchCriteriaId": "C83E73C5-2931-4169-9A9B-3E05E7C2EE10", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.11:*:*:*:*:*:*:*", "matchCriteriaId": "315ED0B6-470D-48A6-B18F-DB59330388B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.12:*:*:*:*:*:*:*", "matchCriteriaId": "7216FA4B-57AB-44B9-B09A-B56CAF2F08A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.13:*:*:*:*:*:*:*", "matchCriteriaId": "1948CF39-A9C7-4DAA-BE1F-302EEB998A22", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.14:*:*:*:*:*:*:*", "matchCriteriaId": "5AEF986F-4766-45C0-B6CF-C54A9DEB96B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.15:*:*:*:*:*:*:*", "matchCriteriaId": "31DE064C-9420-4780-A56D-845F939091A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.8.16:*:*:*:*:*:*:*", "matchCriteriaId": "FE36D459-F4B0-45B6-8EF3-4984E01412C5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opennms.org:opennms:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E9B6A3C-CC65-483C-A385-57BB64B1A8BD", "versionEndIncluding": "1.9.93", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "97EA1897-DF5D-4453-B55D-DD7173F224E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B04A714-C18E-4081-B931-B468EBF99615", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41B6C69-9CA2-4300-ABC9-0514C3085BBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "73AC5DDC-2836-4292-A61B-278580C00360", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "694086A9-1AC4-4C48-97D5-0817AB85CDCC", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.6.1--2:*:*:*:*:*:*:*", "matchCriteriaId": "DEA8CAF7-BAEB-4881-B9C8-ED9B7504E3B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "CAE4FE99-ACF9-4EE2-80E6-901F7F997CC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "E0ECC6AB-1C34-412D-AB6C-D73033890D00", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "FCF80FB3-53A6-4140-8F57-F42659B825E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "0829F6AA-76AA-41A7-94BD-422176FBF32C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "C264422C-769D-4AA0-B779-987FB2C734AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "BEAC69AA-6B16-46C5-9141-9F8DE2C23D76", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "16FBA8AA-3A2A-467D-A387-906439AA3081", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "55A46961-3731-4EEF-AA2A-203F3E5F1E00", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "61C13E43-A4D6-4A8E-A242-9AE011F842C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "79043AD0-32C1-4461-B632-1E01DA73DDD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "E08C0D43-CA27-4767-BB79-40A7B58E1AC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "8EEB4318-BAA7-407E-B31F-DB870813828A", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "21C08F54-37D9-4F3F-BC16-3E45FCB30A84", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "1A830BAC-E473-4F50-BCA0-9BB999DE0C35", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "AA04D901-54D2-4F3B-AD80-EA7F6FF03B3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "82811A49-992E-4034-B426-CA202EC36E78", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B9B8D40-34A6-4405-8C0A-D4819E706677", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FB987FB8-F30C-42F4-88D5-7B1FB005FA69", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "593A7088-0A25-421C-ACB6-ACC3326A894F", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E3D55CA3-1EAC-4042-9910-9B03EE9EFE8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "778C09CD-4A28-4509-A2B1-FFA363BAFA43", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "88A5E335-D4E3-4CED-8E1D-E6F6180FEDC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "EE86D63E-9DD9-48A9-94F8-7A4DAC7C213D", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "C843F51A-9935-4126-BACA-2A6D056552BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "B9DD1BCA-4782-4629-896C-C5D0864DBE98", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8B07DB5C-1D6F-4E0B-95D0-438714559B26", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "5AB58BD6-7B40-4AAD-AFF0-E6C545D84F1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "73B904FB-45A7-44DF-8B0C-D21CDD988907", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "EFEB4C76-58B0-4E6E-9631-61F5538DC01C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "E563A970-B22F-4E5A-A14B-724217443AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3D01DD8D-0080-4FC7-AD32-590657EF7392", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "53196AF6-9E5A-48A3-BD55-B4502ED4AB50", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "A45346F9-30CD-418C-BB3C-53003287A368", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "1683248D-D9B8-41FC-8F38-749775CDADDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5AAC301-7407-47A3-896D-2406DCBB4E21", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBFA2AAA-B6EE-4DA4-9B26-E010B66BB7CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "63750949-CB53-4765-ACC2-B0C07D8AF304", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "10FC31B4-782F-47F4-96B3-999FF540A27E", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "F2AA5CF2-931B-4C67-B0AD-620E46986C05", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A80CAD2-89EC-4301-8122-36D61780E7D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "6B9EEE4F-4D5B-4278-A8A6-8BCE74868448", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "186B870F-B510-4C29-9938-15C65759CBA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "1E90D068-7C47-47D5-B7D9-5CADC8EDF981", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "90DD9C66-275C-4B8D-86EE-D3AFD5692C84", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "FFE194CE-BCB3-4AEC-A416-6C75815BC5B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "D1C26D1E-348A-4F52-8253-C5089FBD1DB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.90:*:*:*:*:*:*:*", "matchCriteriaId": "1D30261B-96A6-4A53-B769-988A7DC47975", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.91:*:*:*:*:*:*:*", "matchCriteriaId": "3399DFDD-C77C-445B-A5B4-890F8991D513", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.92:*:*:*:*:*:*:*", "matchCriteriaId": "31785E64-3255-49D6-9441-5704D572C14C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.93:*:*:*:*:*:*:*", "matchCriteriaId": "95126302-E8ED-400E-AAAD-FA97A98FB21A", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.94:*:*:*:*:*:*:*", "matchCriteriaId": "1A2C255E-DD67-44F1-8D68-7C4998564709", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.95:*:*:*:*:*:*:*", "matchCriteriaId": "F6901626-0EF9-43BD-8647-9431D25DEE05", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.96:*:*:*:*:*:*:*", "matchCriteriaId": "F6E3BEEA-AA2F-4E23-8A73-061657E1FBCA", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.97:*:*:*:*:*:*:*", "matchCriteriaId": "E5697608-590A-47AC-A5DA-E7DFA31E1615", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.98:*:*:*:*:*:*:*", "matchCriteriaId": "89B428E5-E80D-4EA3-B5BE-8927593AF96E", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.5.99:*:*:*:*:*:*:*", "matchCriteriaId": "B986479B-E15B-4789-9EFC-4A222EA7F664", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2886143-6876-4FD4-B710-7ED54EBEA5C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "0E11EDEC-766D-4FC6-BE98-50D2FFBB1426", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "7AA3B886-BB8D-4F3D-A41D-320D94ECF4E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "4B53105C-B1DD-44B6-A3F4-1D8B40C30DC7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "36A5E3A2-BF66-4B96-84A5-35E91090A487", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D9B57EDA-3B8E-4C4E-BDC0-DAE2692FB670", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "6CE32BC6-34D4-43F6-BE43-AE3AF14302C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "29AB88BD-3518-4629-A12F-B4E8E8E86A35", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.8:*:*:*:*:*:*:*", "matchCriteriaId": "2DDC9DF7-7E6E-43E1-A968-6F0FE30D6418", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.9:*:*:*:*:*:*:*", "matchCriteriaId": "7212AF36-4A8F-47C2-9747-E6EC4CA96C6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.10:*:*:*:*:*:*:*", "matchCriteriaId": "347D132F-1B0A-44A0-B9A8-824A9E27127F", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.6.11:*:*:*:*:*:*:*", "matchCriteriaId": "E004041C-076F-480D-BE1C-A1BA6FD3B91C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "C48BCC11-3115-4DED-9ABF-993E5645B99D", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "73A00AB9-A3FE-440B-9390-1BE4331ECC6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "8D51256A-C92F-4F96-99EC-4C9BAA4957B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "2BD05E31-BBC6-4856-ACCB-9E0231451170", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "56C99610-6DAD-4A59-9FFA-C00525B9DCEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "B449BEC7-BC9D-4868-94EF-48EA4F15070C", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "C6F124F6-9104-4754-BE82-A2478A251AA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "F24AB63B-DE0C-4FAC-A50B-E5B626753FE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "62EF8E74-8778-4CDB-8627-9590FD947600", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.9:*:*:*:*:*:*:*", "matchCriteriaId": "C85D3FAC-73C2-4AF4-A288-41AB98D6FB09", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.10:*:*:*:*:*:*:*", "matchCriteriaId": "A0C3FFBB-3113-4769-AF4C-E288C36DBD97", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.90:*:*:*:*:*:*:*", "matchCriteriaId": "9F7A3F4B-B6CA-4182-97F2-3FB0D76D7B41", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.91:*:*:*:*:*:*:*", "matchCriteriaId": "3D8F397A-38FE-4206-B69D-5DB8945CBE18", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.7.92:*:*:*:*:*:*:*", "matchCriteriaId": "B7DA6ED3-A403-46E4-BD0D-6754CFF8B09E", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "541624B9-6E66-4EB2-BF47-23E9346143C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "0CCF9B6B-6490-459E-AD76-358C439E8C12", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "C4A3A2CE-FFBB-4B12-8546-42E8127265A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "6E36561D-BB7E-493E-81AB-D2A78DE9CDE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5682366-174C-4878-A269-BCEBD21B4829", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D55DCB9-A232-4A79-BF82-1FE6397E7097", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "696EF433-E221-49E1-9AC3-E1A22CF65DC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "6285A953-78A0-4DB6-AC4B-916253789F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "C1922ADA-0DE2-4E92-B65B-6D9B91EFA850", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.90:*:*:*:*:*:*:*", "matchCriteriaId": "FB710C7E-9EC6-4CC0-9882-11B0B9A0CA63", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.91:*:*:*:*:*:*:*", "matchCriteriaId": "A6C474B6-06FB-4B70-9AD0-6F05B9753C08", "vulnerable": true}, {"criteria": "cpe:2.3:a:opennms.org:opennms:1.9.92:*:*:*:*:*:*:*", "matchCriteriaId": "9EE68672-1005-4274-A408-9149EC6A86C3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opennms.org:opennms:1.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "E823257F-56E8-49AF-B243-C9A2D2BBDD33", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java en OpenNMS v1.8.x antes de v1.8.17, v1.9.93 y anteriores, y v1.10.x antes de v1.10.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del campo de nombre de usuario (Username). Se trata de un problema relacionado con el inicio de sesi\u00f3n."}], "id": "CVE-2012-0936", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-01-29T04:04:45.313", "references": [{"source": "cve@mitre.org", "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"}, {"source": "cve@mitre.org", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"}, {"source": "cve@mitre.org", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/78454"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47646"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/51632"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/78454"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/47646"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/51632"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}