Xymon monitor cross-site scripting vulnerabilities

2011-04-05T00:00:00
ID SECURITYVULNS:DOC:26058
Type securityvulns
Reporter Securityvulns
Modified 2011-04-05T00:00:00

Description

Several cross-site scripting vulnerabilities have been identified in the Xymon systems- and network-monitoring tool available at http://sourceforge.net/projects/xymon/

All versions prior to 4.3.1 (released April 3, 2011) are vulnerable.

I would like to thank David Ferrest for notifying me of this issue.

Henrik Størner, lead Xymon developer.