Scaner-VSvulnerability catalog · v4.2

Home Catalog Sources CWE CAPEC ATT&CK Mitigations Products Vendors Docs

← Back to List

Opennms.org›Applicationnvd

Opennms

Vulnerabilities

2

Known exploited

0

Max CVSS

4.3

Top EPSS

0.02162

Severity breakdown

Critical

0

High

0

Medium

2

Low

0

Affected version ranges

≤ 1.0.0≤ 1.9.93

Also matched as (raw): opennms

Top vulnerabilities

CVE-2012-0936Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login.

CVE-2008-4320Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list.

View vendor →Open in catalog with product filter →