CVE-2022-47372

CVSS V2 None CVSS V3 None
Description
Stored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.
Overview
  • CVE ID
  • CVE-2022-47372
  • Assigner
  • cve-coordination@incibe.es
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-15T04:15:10
  • Last Modified Date
  • 2023-02-23T19:29:45
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:* 1 OR 766
References
History
Created Old Value New Value Data Type Notes
2023-04-17 07:47:06 Added to TrackCVE
2023-04-17 07:47:08 Weakness Enumeration new