CVE-2022-2032

In Pandora FMS v7.0NG.761 and below, in the file manager section, the dirname parameter is vulnerable to a Stored Cross Site-Scripting. This vulnerability can be exploited by an attacker with administrator privileges logged in the system.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*

Information

Published : 2022-07-25 11:22

Updated : 2022-08-02 08:22


NVD link : CVE-2022-2032

Mitre link : CVE-2022-2032


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

pandorafms

  • pandora_fms