CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-25146

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. It is vulnerable to Cross-Site Scripting (XSS) due to the fact that it is possible to inject and store malicious JavaScript code within it. This can occur via la_id to the /syslog_rules URI for edit_syslog_rule.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://gist.github.com/ahpaleus/7f6360e112e79539feb166660bbb7193
https://gist.github.com/ahpaleus/7f6360e112e79539feb166660bbb7193

Products affected by CVE-2020-25146

Observium » Observium » Version: 20.8.10631

cpe:2.3:a:observium:observium:20.8.10631

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25146

Products

Pricing

Contact Us