Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This issue affects Pandora FMS: from 700 through 774.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: PandoraFMS
Published: 2023-12-29T11:45:23.493Z
Updated: 2024-08-02T19:09:49.103Z
Reserved: 2023-09-01T12:10:03.869Z
Link: CVE-2023-41814
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-29T12:15:43.487
Modified: 2024-01-05T04:51:23.907
Link: CVE-2023-41814
Redhat
No data.