2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in report/ReportViewAction.do in WebNMS Free Edition 5 allows remote attackers to inject arbitrary web script or HTML via the type parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2009-2155
CVE-2009-2155: The XSS vulnerability affects WebNMS Free Edition 5, specifically in the report/ReportViewAction.do handler where the type parameter can inject arbitrary script/HTML. Root cause is unvalidated input reflected in the page context, enabling remote script execution. The available docu...