Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-02-15T00:00:00
Updated: 2024-08-03T14:55:07.199Z
Reserved: 2022-12-13T00:00:00
Link: CVE-2022-47372
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-15T04:15:10.987
Modified: 2023-10-18T12:15:08.997
Link: CVE-2022-47372
Redhat
No data.