Opennms

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-24	CVE-2016-6555	Cross-site Scripting vulnerability in Opennms OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. network opennms CWE-79	4.3
2021-09-24	CVE-2016-6556	Cross-site Scripting vulnerability in Opennms OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP agent supplied data. network opennms CWE-79	4.3
2021-06-01	CVE-2021-25932	Cross-site Scripting vulnerability in Opennms Meridian In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to Stored Cross-Site Scripting, since the function `validateFormInput()` performs improper validation checks on the input sent to the `userID` parameter. network opennms CWE-79	3.5
2020-07-17	CVE-2020-1652	Unspecified vulnerability in Opennms OpenNMS is accessible via port 9443 network low complexity opennms	7.5
2015-10-16	CVE-2015-7856	Credentials Management vulnerability in Opennms OpenNMS has a default password of rtc for the rtc account, which makes it easier for remote attackers to obtain access by leveraging knowledge of the credentials. network low complexity opennms CWE-255 critical	10.0
2014-06-04	CVE-2014-3960	Cross-Site Scripting vulnerability in Opennms Multiple cross-site scripting (XSS) vulnerabilities in OpenNMS before 1.12.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. network opennms CWE-79	4.3
2009-02-09	CVE-2008-6095	Cross-Site Scripting vulnerability in Opennms 1.5.94 Cross-site scripting (XSS) vulnerability in surveillanceView.htm in OpenNMS 1.5.94 allows remote attackers to inject arbitrary web script or HTML via the viewName parameter. network opennms CWE-79	4.3