Vulnerabilities > Centreon > Centreon WEB
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-25 | CVE-2018-11588 | Cross-site Scripting vulnerability in Centreon and Centreon web Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. | 5.4 |
| 2018-06-25 | CVE-2018-11587 | Code Injection vulnerability in Centreon and Centreon web There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php. | 9.8 |