Cross site scripting

2023-11-2315:15:00

PRIOn knowledge base

www.prio-n.com

cross-site scripting

pandora fms

web page generation

input neutralization

javascript code

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in some Widgets’ text box. This issue affects Pandora FMS: from 700 through 773.

CPENameOperatorVersion
pandora_fmsge700
pandora_fmsle773

CPE	Name	Operator	Version
	pandora_fms	ge	700
	pandora_fms	le	773

References

pandorafms.com/en/security/common-vulnerabilities-and-exposures/