Vulnerabilities > Ganglia > Ganglia WEB > 3.5.8

DATE CVE VULNERABILITY TITLE RISK
2020-01-11 CVE-2019-20379 Cross-site Scripting vulnerability in Ganglia Ganglia-Web
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.
network
ganglia CWE-79
4.3
4.3
2020-01-11 CVE-2019-20378 Cross-site Scripting vulnerability in Ganglia Ganglia-Web
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.
network
ganglia CWE-79
4.3
4.3
2017-08-09 CVE-2015-6816 Improper Authentication vulnerability in multiple products
ganglia-web before 3.7.1 allows remote attackers to bypass authentication.
network
low complexity
fedoraproject ganglia CWE-287
7.5
7.5
2013-12-05 CVE-2013-6395 Cross-Site Scripting vulnerability in Ganglia Ganglia-Web 3.5.10/3.5.8
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php.
network
ganglia CWE-79
4.3
4.3