CVE-2023-41811

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 23, 2023

Updated: Nov 29, 2023

CWE ID 79

Summary

CVE-2023-41811 is a Cross-Site Scripting (XSS) vulnerability affecting Pandora FMS versions 700 through 773. This issue stems from improper neutralization of user input during web page generation in the news section of the web console. Successful exploitation allows an attacker to inject and execute malicious Javascript code in the victim's browser, potentially leading to information disclosure or unauthorized actions. It is crucial that users update their Pandora FMS installations to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Artica Pandora Fms

Affected Vendors

Artica

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sh2uBZ
https://www.cve.org/CVERecord?id=CVE-2023-41811
https://nvd.nist.gov/vuln/detail/CVE-2023-41811

Back to Vulnerability Database