CVE-2021-25930
CVE-2021-25930 affects OpenNMS Horizon (opennms-1-0-stable to opennms-27.1.0-1) and OpenNMS Meridian (meridian-foundation-2015.1.0-1 to meridian-foundation-2020.1.6-1). Root cause: CSRF protection is absent and there is no validation of an existing username when renaming a user. Impact: privilege...