Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.9 views

CVE-2023-0867

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.7CVSS6.2AI score0.00424EPSS
Exploits0References1
OSV
OSV
added 2023/11/17 12:31 a.m.28 views

GHSA-C6XW-HG9Q-3C9F OpenNMS Cross-site Scripting vulnerability

Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer. Meridian and Horizon installation instructions state that...

5.8CVSS6AI score0.00435EPSS
Exploits0References4
OSV
OSV
added 2023/11/16 10:15 p.m.22 views

CVE-2023-40314

Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that...

6.1CVSS6.5AI score
Exploits0References1
Cvelist
Cvelist
added 2023/11/16 9:14 p.m.35 views

CVE-2023-40314 Cross-site scripting in bootstrap.jsp

Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that...

5.8CVSS6.6AI score0.00435EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/03 12:0 a.m.20 views

Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2022-46354)

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of an affected...

5.3CVSS5.6AI score0.00677EPSS
Exploits0References3
OSV
OSV
added 2023/02/23 3:33 p.m.15 views

GHSA-MJV2-6JV4-VRG7 OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information...

6.1CVSS6.2AI score0.00424EPSS
Exploits0References5
NVD
NVD
added 2023/02/23 3:15 p.m.11 views

CVE-2023-0869

Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...

6.1CVSS5.8AI score0.00408EPSS
Exploits0References2
OSV
OSV
added 2023/02/23 3:15 p.m.19 views

CVE-2023-0867

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.1CVSS6.2AI score
Exploits0References2
OSV
OSV
added 2023/02/23 3:15 p.m.12 views

CVE-2023-0869

Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...

6.1CVSS6.2AI score
Exploits0References2
Prion
Prion
added 2023/02/23 3:15 p.m.20 views

Cross site scripting

Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...

5.8CVSS6.1AI score0.00408EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/02/23 2:49 p.m.35 views

CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.7CVSS6.5AI score0.00424EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/23 2:43 p.m.16 views

CVE-2023-0869 Cross-site scripting in outage/list.htm

Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...

5.8CVSS6.3AI score0.00408EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/02/23 12:0 a.m.5 views

PT-2023-16573 · Opennms · Opennms Meridian +1

Name of the Vulnerable Software and Affected Versions: OpenNMS Meridian versions prior to 2023.1.0 OpenNMS Horizon versions prior to 31.0.4 Description: Cross-site scripting in outage/list.htm allows an attacker access to confidential session information. The software is intended for installation...

6.1CVSS6.1AI score0.00408EPSS
Exploits0References6
OSV
OSV
added 2023/02/22 9:30 p.m.18 views

GHSA-79JR-8FHM-8WV3 OpenNMS Horizon and Meridian vulnerable to Cross-site Scripting

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information...

6.1CVSS6.3AI score0.00493EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/02/22 9:30 p.m.32 views

OpenNMS Horizon and Meridian vulnerable to Cross-site Scripting

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information...

6.7CVSS5.7AI score0.00493EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2023/02/22 7:15 p.m.24 views

CVE-2023-0846

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...

6.7CVSS6.3AI score0.00493EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/22 6:35 p.m.31 views

CVE-2023-0846 Unauthenticated, stored XSS in display of alarm reduction-key

Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...

6.7CVSS6.4AI score0.00493EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.25 views

Siemens SCALANCE X-300 Switches Improper Access Control (CVE-2022-25755)

A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...

7.5CVSS7.2AI score0.01277EPSS
Exploits0References3
NVD
NVD
added 2022/12/13 4:15 p.m.19 views

CVE-2022-46354

A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of an affected...

5.3CVSS0.00677EPSS
Exploits0References1
CNVD
CNVD
added 2022/04/13 12:0 a.m.17 views

Siemens SCALANCE X-300 Switch Family Devices Access Control Error Vulnerability

SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions. An access control error vulnerability exists in Siemens SCALANCE X-300 Switch Fami...

7.5CVSS6.5AI score0.01277EPSS
Exploits0References1
Rows per page
Query Builder