Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter.
artica pandora fms 7.0