Lucene search
+L

5 matches found

NVD
NVD
added 2023/08/14 6:15 p.m.30 views

CVE-2023-40312

Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30...

6.7CVSS6.4AI score0.00591EPSS
Exploits0References2
CVE
CVE
added 2023/08/14 5:35 p.m.57 views

CVE-2023-40312

CVE-2023-40312 affects OpenNMS Horizon 31.0.8 and older than 32.0.2 across multiple platforms, due to multiple reflected XSS in JSP parameters caused by unsanitized input. Exploitation would allow an attacker to craft a malicious payload that is reflected in responses. The remediation is upgradin...

6.7CVSS5.7AI score0.00591EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/08/14 5:35 p.m.11 views

CVE-2023-40312 Reflected XSS in multiple JSP files in opennms/opennms

Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30...

6.7CVSS6.1AI score0.00591EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/14 5:35 p.m.29 views

CVE-2023-40312 Reflected XSS in multiple JSP files in opennms/opennms

Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30...

6.7CVSS6.5AI score0.00591EPSS
Exploits0References2
OSV
OSV
added 2023/08/14 5:35 p.m.19 views

CVE-2023-40312 Reflected XSS in multiple JSP files in opennms/opennms

Multiple reflected XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that an attacker can modify to craft a malicious XSS payload. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30...

6.7CVSS6.1AI score0.00591EPSS
Exploits0References5
Rows per page
Query Builder