CVE-2026-30812

Summary

Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800

Affected Software

VendorProductVersion RangeStatus
Pandora FMSPandora FMS777 <= 800affected

Weaknesses

  • CWE-79: CWE-79 Improper neutralization of input during web page generation ('cross-site scripting')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References