Lucene search
HistorySep 26, 2022 - 4:15 p.m.
CVE-2022-40044
cve-2022-40044
centreon
cross-site scripting
xss
web security
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Centreon v20.10.18 was discovered to contain a cross-site scripting (XSS) vulnerability via the esc_name (Escalation Name) parameter at Configuration/Notifications/Escalations. This vulnerability allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload.
CPE configuration
centreoncentreonMatch20.10.18
| CPE | Name | Operator | Version |
|---|---|---|---|
| centreon:centreon | centreon | eq | 20.10.18 |
References
Social References
More
Related
veracode
veracode
Cross-site Scripting (XSS)
2022-09-27 09:29:54
github
github
Centreon contains cross-site scripting vulnerability via esc_name parameter
2022-09-27 00:00:20
osv
osv
Centreon contains cross-site scripting vulnerability via esc_name parameter
2022-09-27 00:00:20
cnvd
cnvd
Centreon Cross-Site Scripting Vulnerability (CNVD-2022-66771)
2022-09-28 00:00:00
prion
prion
Cross site scripting
2022-09-26 16:15:00
cvelist
cvelist
CVE-2022-40044
2022-09-26 15:38:18
nvd
nvd
CVE-2022-40044
2022-09-26 16:15:14
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Related for CVE-2022-40044