13 Layers
SHARE

OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue owed to insufficient filtering of SNMP agent supplied data. By creating a malicious SNMP ‘sysName’ or ‘sysContact’ response, an attacker can store an XSS payload which will trigger when a user of the web UI views the data. This issue was fixed in version 18.0.2, released on September 20, 2016. (CVSS:0.0) (Terminal Update:2021-09-24)

13 Layers Managed Security Services