Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Lack of Authorization and Stored XSS Via SNMP Trap Editor Page
Vulnerability Description
Cross-Site Request Forgery (CSRF) vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed Javascript code to be executed in the SNMP Trap Editor. This issue affects Pandora FMS: from 700 through 773.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Artica Pandora FMS 跨站请求伪造漏洞
Vulnerability Description
Artica Pandora FMS是西班牙Artica公司的一套监控系统。该系统通过可视化的方式监控网络、服务器、虚拟基础架构和应用程序等。 Artica Pandora FMS 700 到 773版本存在跨站请求伪造漏洞,该漏洞源于洞允许在 SNMP Trap编辑器中执行 Javascript 代码。
CVSS Information
N/A
Vulnerability Type
N/A