Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2022-68269
HistoryOct 09, 2022 - 12:00 a.m.

Centreon Cross-Site Scripting Vulnerability (CNVD-2022-68269)

2022-10-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.9%

Centreon (Merethis Centreon) is a set of open source system monitoring tools from Centreon, a French company. A cross-site scripting vulnerability exists in Centreon version 22.04.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data, which can be exploited by attackers to cause cross-site scripting attacks.

CPENameOperatorVersion
centreon centreoneq22.04.0

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.9%