8 matches found
CVE-2008-6095
CVE-2008-6095 is a cross-site scripting (XSS) vulnerability in OpenNMS version 1.5.94, exploitable via the viewName parameter in surveillanceView.htm. ATT&CK/impact details are limited to the ability of remote attackers to inject arbitrary web script or HTML, with the NVD entry listing a Medium b...
OpenNMS 1.5.x - HTTP Response Splitting
source: https://www.securityfocus.com/bid/31577/info OpenNMS is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This...
OpenNMS 1.5.x - HTTP Response Splitting
OpenNMS 1.5.x - HTTP Response Splitting source: https://www.securityfocus.com/bid/31577/info OpenNMS is prone to an HTTP response-splitting vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can leverage this issue to influence or misrepresent how web content is...
CVE-2008-4320
Multiple cross-site scripting XSS vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via 1 the jusername parameter to jacegisecuritycheck, 2 the username parameter to notification/list.jsp, and 3 the filter parameter to event/list...
OpenNMS 1.5.x - filter Cross-Site Scripting
OpenNMS 1.5.x - filter Cross-Site Scripting source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in t...
OpenNMS 1.5.x - j_username Cross-Site Scripting
OpenNMS 1.5.x - jusername Cross-Site Scripting source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code i...
OpenNMS 1.5.x - 'Username' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
OpenNMS 1.5.x - 'filter' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31410/info OpenNMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...