Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

3 matches found

Github Security Blog
Github Security Blogā€¢added 2023/08/14 6:32 p.m.ā€¢14 views

OpenNMS vulnerable to Cross-site Scripting

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

6.7CVSS6.3AI score0.00148EPSS
Exploits0References6Affected Software1
Prion
Prionā€¢added 2023/08/14 6:15 p.m.ā€¢13 views

Cross site scripting

Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1....

3.8CVSS4.8AI score0.00148EPSS
Exploits0References3Affected Software2
RedHat Linux
RedHat Linuxā€¢added 2016/06/21 10:23 p.m.ā€¢2 views

python-django-horizon: XSS in client side template

A DOM-based, cross-site scripting vulnerability has been identified in the OpenStack dashboard, where user input was not filtered correctly. An authenticated dashboard user could exploit the flaw by injecting an AngularJS template into a dashboard form for example, using an image's description,...

5.4CVSS5.6AI score0.00553EPSS
Exploits0References4
Rows per page
Query Builder