RSS   Podatności dla 'Opennms'   RSS

2012-01-28
 
CVE-2012-0936

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login.

 
2008-09-29
 
CVE-2008-4320

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list.

 


Copyright 2024, cxsecurity.com

 

Back to Top