MEDIUM🇬🇧 English

CVE-2014-3960

CVSS 4.3v2.0pub. 2014-06-04upd. 2026-05-06

Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

oryginał EN
CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
  • Opennms

    APP
    Opennms
    1.10.01.10.11.10.101.10.111.10.121.10.131.10.141.10.21.10.31.10.41.10.51.10.61.10.71.10.81.10.9+ 29 więcej
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2016-6555HIGH7.1ten sam produkt

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP tr...

CVE-2016-6556HIGH7.1ten sam produkt

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP ag...

CVE-2015-7856HIGH10.0ten sam produkt

OpenNMS has a default password of rtc for the rtc account, which makes it easier for remote attackers to obtai...

CVE-2021-25932MEDIUM5.4ten sam produkt

In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-...

CVE-2020-1652MEDIUM5.6ten sam produkt

OpenNMS is accessible via port 9443