Vulnerabilities > Pandorafms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-25 | CVE-2022-2059 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS In Pandora FMS v7.0NG.761 and below, in the agent creation section, the alias parameter is vulnerable to a Stored Cross Site-Scripting. | 4.8 |
| 2021-06-25 | CVE-2021-35501 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. | 5.4 |
| 2020-06-11 | CVE-2020-13853 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 7.44 Artica Pandora FMS 7.44 has persistent XSS in the Messages feature. | 5.4 |
| 2020-02-04 | CVE-2019-19968 | Cross-site Scripting vulnerability in Pandorafms Pandora FMS 742 PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. | 5.4 |
| 2018-06-16 | CVE-2018-11223 | Cross-site Scripting vulnerability in Pandorafms Artica Pandora FMS 7.0Ng XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call. | 5.4 |