Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2022-6939 | Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. |
 Github GHSA |
GHSA-rv5q-72p2-2q24 | Centreon contains cross-site scripting vulnerability via esc_name parameter |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Wed, 21 May 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-05-21T15:15:21.485Z
Reserved: 2022-09-06T00:00:00.000Z
Link: CVE-2022-40044
Vulnrichment
Updated: 2024-08-03T12:14:38.785Z
NVD
Status : Modified
Published: 2022-09-26T16:15:14.007
Modified: 2025-05-21T16:15:29.583
Link: CVE-2022-40044
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses