Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.
History

Fri, 27 Sep 2024 22:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-08-22T13:02:10.102Z

Updated: 2024-09-27T21:57:03.260Z

Reserved: 2023-01-25T13:49:34.265Z

Link: CVE-2023-24514

cve-icon Vulnrichment

Updated: 2024-08-02T10:56:04.297Z

cve-icon NVD

Status : Analyzed

Published: 2023-08-22T19:16:34.393

Modified: 2023-08-26T02:26:23.970

Link: CVE-2023-24514

cve-icon Redhat

No data.