CVE-2018-11223
Artica Pandora FMS is affected by CVE-2018-11223, with versions before 7.0 NG 723 vulnerable to cross-site scripting via the crafted refr parameter in the call to /pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=. The vulnerability enables an attacker to execute arb...