0.001 Low
EPSS
Percentile
29.5%
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information.
docs.opennms.com/meridian/2022/releasenotes/changelog.html#releasenotes-changelog-Meridian-2022.1.13
github.com/OpenNMS/opennms
github.com/OpenNMS/opennms/pull/5506/files
issues.opennms.org/browse/NMS-14877
nvd.nist.gov/vuln/detail/CVE-2023-0846