Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS prior to 1.5.94 allow remote malicious users to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opennms.org opennms 1.5.93 |
||
opennms.org opennms 1.5.92 |
||
opennms.org opennms 1.3.7 |
||
opennms.org opennms 1.3.6 |
||
opennms.org opennms 1.2.4 |
||
opennms.org opennms 1.2.3 |
||
opennms.org opennms 1.2.2 |
||
opennms.org opennms 1.1.1 |
||
opennms.org opennms |
||
opennms.org opennms 1.3.11 |
||
opennms.org opennms 1.3.10 |
||
opennms.org opennms 1.3.3 |
||
opennms.org opennms 1.3.2 |
||
opennms.org opennms 1.1.5 |
||
opennms.org opennms 1.1.4 |
||
opennms.org opennms 1.3.9 |
||
opennms.org opennms 1.3.8 |
||
opennms.org opennms 1.3.1 |
||
opennms.org opennms 1.1.3 |
||
opennms.org opennms 1.1.2 |
||
opennms.org opennms 1.5.91 |
||
opennms.org opennms 1.3.5 |
||
opennms.org opennms 1.3.4 |
||
opennms.org opennms 1.2.1 |