CVE-2021-46676
4
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
Summary
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Artica PFMS | Pandora FMS | v756 <= v756 | affected |
Weaknesses
- CWE-79: CWE-79 Cross-site Scripting (XSS)
ADP Enrichment
CVE Program Container
Additional References
- https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
- https://www.incibe.es/en/cve-assignment-publication/coordinated-cves
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/
- https://www.incibe.es/en/cve-assignment-publication/coordinated-cves
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.