CVE-2020-25146
Observium Professional/Enterprise/Community (version 20.8.10631) is affected by a Cross-Site Scripting (XSS) vulnerability. The issue arises from storing malicious JavaScript via the la_id parameter to the /syslog_rules (edit_syslog_rule) endpoint. Root cause: input injection leads to potential s...