20 matches found
CVE-2023-0867
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...
GHSA-C6XW-HG9Q-3C9F OpenNMS Cross-site Scripting vulnerability
Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer. Meridian and Horizon installation instructions state that...
CVE-2023-40314
Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that...
CVE-2023-40314 Cross-site scripting in bootstrap.jsp
Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that...
Siemens SCALANCE X-200RNA Switch Devices Improper Access Control (CVE-2022-46354)
A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of an affected...
GHSA-MJV2-6JV4-VRG7 OpenNMS Meridian and Horizon vulnerable to Cross-site Scripting
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information...
CVE-2023-0869
Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...
CVE-2023-0867
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...
CVE-2023-0869
Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...
Cross site scripting
Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...
CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...
CVE-2023-0869 Cross-site scripting in outage/list.htm
Cross-site scripting in outage/list.htm in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4 or newer. Meridian and Horizon installation instructions state th...
PT-2023-16573 · Opennms · Opennms Meridian +1
Name of the Vulnerable Software and Affected Versions: OpenNMS Meridian versions prior to 2023.1.0 OpenNMS Horizon versions prior to 31.0.4 Description: Cross-site scripting in outage/list.htm allows an attacker access to confidential session information. The software is intended for installation...
GHSA-79JR-8FHM-8WV3 OpenNMS Horizon and Meridian vulnerable to Cross-site Scripting
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information...
OpenNMS Horizon and Meridian vulnerable to Cross-site Scripting
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information...
CVE-2023-0846
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...
CVE-2023-0846 Unauthenticated, stored XSS in display of alarm reduction-key
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon...
Siemens SCALANCE X-300 Switches Improper Access Control (CVE-2022-25755)
A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...
CVE-2022-46354
A vulnerability has been identified in SCALANCE X204RNA HSR All versions V3.2.7, SCALANCE X204RNA PRP All versions V3.2.7, SCALANCE X204RNA EEC HSR All versions V3.2.7, SCALANCE X204RNA EEC PRP All versions V3.2.7, SCALANCE X204RNA EEC PRP/HSR All versions V3.2.7. The webserver of an affected...
Siemens SCALANCE X-300 Switch Family Devices Access Control Error Vulnerability
SCALANCE X switches are used to connect industrial components such as programmable logic controllers PLCs or human machine interfaces HMIs.SIPLUS extreme is designed for reliable operation under extreme conditions. An access control error vulnerability exists in Siemens SCALANCE X-300 Switch Fami...