Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
OpenNMS Stored XSS via SNMP Agent Data
Vulnerability Description
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP 'sysName' or 'sysContact' response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This issue was fixed in version 18.0.2, released on September 20, 2016.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Opennms Group OpenNMS 跨站脚本漏洞
Vulnerability Description
Opennms Group OpenNMS是美国Opennms Group公司的一套开源的企业级网络监视和网络管理平台。 Opennms Group OpenNMS 中存在跨站脚本漏洞。该漏洞源于对 SNMP 代理提供的数据的过滤不足,容易受到存储型跨站脚本问题的影响。
CVSS Information
N/A
Vulnerability Type
N/A