Vulnerabilities > Opennms ORG > Opennms > 1.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-01-29 | CVE-2012-0936 | Cross-Site Scripting vulnerability in Opennms.Org Opennms Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login. | 4.3 |
2008-09-29 | CVE-2008-4320 | Cross-Site Scripting vulnerability in Opennms.Org Opennms Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.5.94 allow remote attackers to inject arbitrary web script or HTML via (1) the j_username parameter to j_acegi_security_check, (2) the username parameter to notification/list.jsp, and (3) the filter parameter to event/list. | 4.3 |