Lucene search
PRIOn knowledge basePRION:CVE-2023-0867HistoryFeb 23, 2023 - 3:15 p.m.
Cross site scripting
2023-02-2315:15:00
PRIOn knowledge base
www.prio-n.com
1
cross-site scripting
opennms
vulnerabilities
confidential information
upgrade
installation
private network
internet access
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon installation instructions state that they are intended for installation within an organization’s private networks and should not be directly accessible from the Internet.
Related
github
github
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting
2023-02-23 15:33:05
cvelist
cvelist
CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp
2023-02-23 14:49:30
osv
osv
OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting
2023-02-23 15:33:05
CVE-2023-0867
2023-02-23 15:15:11
nvd
nvd
CVE-2023-0867
2023-02-23 15:15:11
cve
cve
CVE-2023-0867
2023-02-23 15:15:11