Vulnerabilities > Centreon > Centreon Host Monitoring Widget > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-27 CVE-2020-13628 Cross-site Scripting vulnerability in Centreon products
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php.
network
low complexity
centreon CWE-79
6.1
2020-05-27 CVE-2020-13627 Cross-site Scripting vulnerability in Centreon products
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php.
network
low complexity
centreon CWE-79
6.1
2020-05-27 CVE-2020-10946 Cross-site Scripting vulnerability in Centreon products
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php.
network
low complexity
centreon CWE-79
6.1