Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site scripting vulnerability in the network maps edit functionality
Vulnerability Description
There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
PandoraFMS 跨站脚本漏洞
Vulnerability Description
PandoraFMS是美国PandoraFMS的一个应用软件。提供一个监控功能。 PandoraFMS v765版本存在安全漏洞,该漏洞源于存在存储型跨站脚本,攻击者利用该漏洞可能允许窃取管理员用户的cookie值。
CVSS Information
N/A
Vulnerability Type
N/A