CVE-2018-11588

2018-06-25T18:29:00
ID CVE-2018-11588
Type cve
Reporter cve@mitre.org
Modified 2018-08-28T17:17:00

Description

Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.