CVE-2008-4320

2008-09-29T19:25:00
ID CVE-2008-4320
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:32:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list.