A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an malicious user to perform javascript code executions via the event filter name field.
pandorafms pandora fms