Cross site scripting

2023-02-1504:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

artica pfms

pandora fms

vulnerability

web page generation

reporting dashboard module

0.001 Low

EPSS

Percentile

21.2%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Artica PFMS Pandora FMS v765 on all allows Cross-Site Scripting (XSS). A user with edition privileges can create a Payload in the reporting dashboard module. An admin user can observe the Payload without interaction and attacker can get information.