NotCVE - vendor:"Centreon" product:"Centreon Service-monitoring Widget" version:" >= 19.04.0

3 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1

CVE-2020-13628

https://notcve.org/view.php?id=CVE-2020-13628

27 May 2020 — Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. Una vulnerabilidad de tipo cross-site scripting (XSS) permite a atacantes ... • https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1

CVE-2020-13627

https://notcve.org/view.php?id=CVE-2020-13627

27 May 2020 — Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. Una vulnerabilidad de tipo cross-site scripting (XSS) permite a atacantes... • https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 1

CVE-2020-10946

https://notcve.org/view.php?id=CVE-2020-10946

27 May 2020 — Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. Una vulnerabilidad de tipo cross-site scripting (XSS), permite a atacantes re... • https://sysdream.com/news/lab/2020-05-13-cve-2020-10946-several-cross-site-scripting-xss-vulnerabilities-in-centreon • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •