Vulnerabilities > Opsview > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-01-02 CVE-2013-3936 Cross-site Scripting vulnerability in Opsview and Opsview Core
Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML.
network
low complexity
opsview CWE-79
6.1
2018-09-05 CVE-2018-16148 Cross-site Scripting vulnerability in Opsview
The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting.
network
low complexity
opsview CWE-79
6.1
2018-09-05 CVE-2018-16147 Cross-site Scripting vulnerability in Opsview
The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting.
network
low complexity
opsview CWE-79
6.1
2017-05-03 CVE-2016-10368 Open Redirect vulnerability in Opsview
Open redirect vulnerability in Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the back parameter to the /login URI.
network
low complexity
opsview CWE-601
6.1
2017-04-10 CVE-2015-6035 Cross-site Scripting vulnerability in Opsview
Opsview before 2015-11-06 has XSS via SNMP.
network
low complexity
opsview CWE-79
6.1