CVE-2021-46681: Vulnerability XSS in module mass operation name field
First published: Mon Feb 21 2022(Updated: )
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via module massive operation name field.
Credit: security@pandorafms.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Artica Pandora FMS | <757 |
Remedy
This vulnerability has been solved in the 757 version of Pandora FMS.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this XSS vulnerability in Pandora FMS?
The vulnerability ID for this XSS vulnerability in Pandora FMS is CVE-2021-46681.
What is the severity of CVE-2021-46681?
The severity of CVE-2021-46681 is medium with a CVSS score of 6.1.
How does the XSS vulnerability in Pandora FMS version 756 and below impact users?
The XSS vulnerability in Pandora FMS version 756 and below allows an attacker to perform javascript code executions via the module massive operation name field.
Which software versions are affected by the XSS vulnerability in Pandora FMS?
The XSS vulnerability in Pandora FMS affects version 756 and below.
How can I fix the XSS vulnerability in Pandora FMS?
To fix the XSS vulnerability in Pandora FMS, it is recommended to update to version 757 or higher.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/title
- agent/last-modified-date
- agent/tags
- agent/description
- agent/event
- agent/first-publish-date
- vendor/artica
- canonical/artica pandora fms