Cross site scripting

2023-11-2315:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

pandora fms

low privilege

javascript executables

configuration files

nvd

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

14.2%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integrity of some configuration files. This issue affects Pandora FMS: from 700 through 773.

CPENameOperatorVersion
pandora_fmsge700
pandora_fmsle773

CPE	Name	Operator	Version
	pandora_fms	ge	700
	pandora_fms	le	773

References

pandorafms.com/en/security/common-vulnerabilities-and-exposures/