CVE-2023-40314
Cross-site scripting in bootstrap.jsp affects multiple versions of OpenNMS Meridian and Horizon. The issue allows an attacker to access confidential session information. Remediation: upgrade to Horizon 32.0.5+ and Meridian 2023.1.9+ (per the CVE description across sources). External exposure warn...