Multiple cross-site scripting (XSS) vulnerabilities in Opsview prior to 4.4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to admin/auditlog/, (2) PATH_INFO to info/host/ or (3) viewport/, (4) back parameter to login, or (5) "from" parameter to status/service/recheck.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opsview opsview 3.10 |
||
opsview opsview 3.8 |
||
opsview opsview 3.6 |
||
opsview opsview 3.4 |
||
opsview opsview 3.2 |
||
opsview opsview 4.2 |
||
opsview opsview 4.1 |
||
opsview opsview 2.10 |
||
opsview opsview 2.8 |
||
opsview opsview 2.7 |
||
opsview opsview |
||
opsview opsview 4.3 |
||
opsview opsview 4.0 |
||
opsview opsview 3.14 |
||
opsview opsview 3.1 |
||
opsview opsview 2.14 |
||
opsview opsview 3.12 |
||
opsview opsview 3.0 |
||
opsview opsview 2.12 |