Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-05-27T15:12:32

Updated: 2024-08-04T11:21:13.973Z

Reserved: 2020-03-25T00:00:00

Link: CVE-2020-10946

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-05-27T16:15:12.717

Modified: 2024-11-21T04:56:25.770

Link: CVE-2020-10946

cve-icon Redhat

No data.