Lucene search
China National Vulnerability DatabaseCNVD-2022-66771HistorySep 28, 2022 - 12:00 a.m.
Centreon Cross-Site Scripting Vulnerability (CNVD-2022-66771)
2022-09-2800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
centreon
escalation name
cross-site scripting
vulnerability
french company
0.001 Low
EPSS
Percentile
21.4%
Centreon (Merethis Centreon) is a set of open source system monitoring tools from the French company Centreon. A cross-site scripting vulnerability exists in Centreon v20.10.18, which stems from the esc_name (Escalation Name) parameter in its Configuration/Notifications/Escalations component. The lack of effective filtering and escaping of user-supplied data can be exploited by attackers to cause cross-site scripting attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| centreon centreon v | eq | 20.10.18 |
Related
osv
osv
Centreon contains cross-site scripting vulnerability via esc_name parameter
2022-09-27 00:00:20
github
github
Centreon contains cross-site scripting vulnerability via esc_name parameter
2022-09-27 00:00:20
veracode
veracode
Cross-site Scripting (XSS)
2022-09-27 09:29:54
cve
cve
CVE-2022-40044
2022-09-26 16:15:14
cvelist
cvelist
CVE-2022-40044
2022-09-26 15:38:18
prion
prion
Cross site scripting
2022-09-26 16:15:00
nvd
nvd
CVE-2022-40044
2022-09-26 16:15:14