Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). Through an HTML payload (iframe tag) it is possible to carry out XSS attacks when the user receiving the messages opens their notifications. This issue affects Pandora FMS: from 700 through 774.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: PandoraFMS

Published: 2023-12-29T11:45:23.493Z

Updated: 2024-08-02T19:09:49.103Z

Reserved: 2023-09-01T12:10:03.869Z

Link: CVE-2023-41814

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-12-29T12:15:43.487

Modified: 2024-01-05T04:51:23.907

Link: CVE-2023-41814

cve-icon Redhat

No data.