Lucene search
K

4 matches found

NVD
NVD
added 2023/02/23 3:15 p.m.24 views

CVE-2023-0867

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.7CVSS6.4AI score0.00424EPSS
Exploits0References2
OSV
OSV
added 2023/02/23 2:49 p.m.20 views

CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.7CVSS6.3AI score0.00424EPSS
Exploits0References5
CVE
CVE
added 2023/02/23 2:49 p.m.65 views

CVE-2023-0867

OpenNMS Meridian and Horizon are affected by multiple stored and reflected cross-site scripting (XSS) vulnerabilities in webapp jsp pages. The root cause involves insecure handling in the web-facing components, exposing the potential to access confidential session information. Affected software i...

6.7CVSS6.2AI score0.00424EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2023/02/23 2:49 p.m.35 views

CVE-2023-0867 Multiple stored and reflected Cross-site Scripting in webapp

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horiz...

6.7CVSS6.5AI score0.00424EPSS
Exploits0References2
Rows per page
Query Builder