A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an malicious user to perform javascript code executions via service elements.
pandorafms pandora fms