CVE-2012-0936
This CVE affects OpenNMS: vulnerable in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1. The flaw is in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java, enabling cross-site scripting via the Username field during login. Root cause: XSS in th...