Vulnerability Details CVE-2023-41791
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). This vulnerability allowed users with low privileges to introduce Javascript executables via a translation string that could affect the integrity of some configuration files. This issue affects Pandora FMS: from 700 through 773.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.3%
CVSS Severity
CVSS v3 Score 8.4
References
Products affected by CVE-2023-41791
-
cpe:2.3:a:artica:pandora_fms:700
-
cpe:2.3:a:artica:pandora_fms:740
-
cpe:2.3:a:artica:pandora_fms:741
-
cpe:2.3:a:artica:pandora_fms:742
-
cpe:2.3:a:artica:pandora_fms:743
-
cpe:2.3:a:artica:pandora_fms:744
-
cpe:2.3:a:artica:pandora_fms:745
-
cpe:2.3:a:artica:pandora_fms:746
-
cpe:2.3:a:artica:pandora_fms:747
-
cpe:2.3:a:artica:pandora_fms:748
-
cpe:2.3:a:artica:pandora_fms:749
-
cpe:2.3:a:artica:pandora_fms:750
-
cpe:2.3:a:artica:pandora_fms:751
-
cpe:2.3:a:artica:pandora_fms:752
-
cpe:2.3:a:artica:pandora_fms:753
-
cpe:2.3:a:artica:pandora_fms:754
-
cpe:2.3:a:artica:pandora_fms:755
-
cpe:2.3:a:artica:pandora_fms:773