4 matches found
CVE-2023-0867
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...
CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...
CVE-2023-0867
OpenNMS Meridian and Horizon are affected by multiple stored and reflected cross-site scripting (XSS) vulnerabilities in webapp jsp pages. The root cause involves insecure handling in the web-facing components, exposing the potential to access confidential session information. Affected software i...
CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp
Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...