CVE-2021-25935
The CVE-2021-25935 issue affects OpenNMS Horizon versions 17.0.0-1 through 27.1.0-1 and OpenNMS Meridian foundation releases from 2015.1.0-1 to 2020.1.7-1. The root cause is improper validation in the add() function for the foreign-source parameter, allowing a stored Cross-Site Scripting (XSS) pa...