Vulnerability Details CVE-2023-44089
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pandora FMS on all allows Cross-Site Scripting (XSS). It was possible to execute malicious JS code on Visual Consoles. This issue affects Pandora FMS: from 700 through 774.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2023-44089
-
cpe:2.3:a:pandorafms:pandora_fms:742
-
cpe:2.3:a:pandorafms:pandora_fms:746
-
cpe:2.3:a:pandorafms:pandora_fms:754
-
cpe:2.3:a:pandorafms:pandora_fms:765
-
cpe:2.3:a:pandorafms:pandora_fms:766
-
cpe:2.3:a:pandorafms:pandora_fms:767
-
cpe:2.3:a:pandorafms:pandora_fms:771
-
cpe:2.3:a:pandorafms:pandora_fms:772