Vulnerability Details CVE-2023-24514
Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.7%
CVSS Severity
CVSS v3 Score 6.3
References
Products affected by CVE-2023-24514
-
cpe:2.3:a:pandorafms:pandora_fms:-
-
cpe:2.3:a:pandorafms:pandora_fms:1.2
-
cpe:2.3:a:pandorafms:pandora_fms:1.3
-
cpe:2.3:a:pandorafms:pandora_fms:1.3.1
-
cpe:2.3:a:pandorafms:pandora_fms:2.0
-
cpe:2.3:a:pandorafms:pandora_fms:2.1
-
cpe:2.3:a:pandorafms:pandora_fms:2.1.1
-
cpe:2.3:a:pandorafms:pandora_fms:3.0
-
cpe:2.3:a:pandorafms:pandora_fms:3.1
-
cpe:2.3:a:pandorafms:pandora_fms:3.2
-
cpe:2.3:a:pandorafms:pandora_fms:3.2.1
-
cpe:2.3:a:pandorafms:pandora_fms:4.0
-
cpe:2.3:a:pandorafms:pandora_fms:4.0.1
-
cpe:2.3:a:pandorafms:pandora_fms:4.0.2
-
cpe:2.3:a:pandorafms:pandora_fms:4.0.3
-
cpe:2.3:a:pandorafms:pandora_fms:4.1
-
cpe:2.3:a:pandorafms:pandora_fms:4.1.1
-
cpe:2.3:a:pandorafms:pandora_fms:5.0
-
cpe:2.3:a:pandorafms:pandora_fms:5.1
-
cpe:2.3:a:pandorafms:pandora_fms:6.0
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_703
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_704
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_705
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_706
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_707
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_708
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_709
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_710
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_711
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_712
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_713
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_714
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_715
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_716
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_717
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_718
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_719
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_720
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_721
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_722
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_723
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_724
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_725
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_735
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_759
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_760
-
cpe:2.3:a:pandorafms:pandora_fms:7.0_ng_761
-
cpe:2.3:a:pandorafms:pandora_fms:7.44
-
cpe:2.3:a:pandorafms:pandora_fms:742
-
cpe:2.3:a:pandorafms:pandora_fms:746
-
cpe:2.3:a:pandorafms:pandora_fms:754
-
cpe:2.3:a:pandorafms:pandora_fms:765
-
cpe:2.3:a:pandorafms:pandora_fms:766
-
cpe:2.3:a:pandorafms:pandora_fms:767