XSS vulnerability on node error page

Description

From report:

Acceptance / Success Criteria

None

Attachments

Linked issues

blocks

NMS-9457

Multiple XSS vulnerabilities in OpenNMS webapp

Lucidchart Diagrams

Activity

Show:

Gabriela Lopez January 31, 2023 at 7:09 PM

Information Security risk assessed issue as a medium.

CVSS 7.0 x med likelihood .8 = 5.6 Medium

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:P/RL:U/RC:C/CR:H/IR:H/AR:H/MAV:A/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X

Jesse White June 6, 2017 at 1:02 PM

Fixed in foundation with https://github.com/OpenNMS/opennms/pull/1526

Jesse White May 17, 2017 at 9:28 AM

This issue may also affect versions prior to 19.1.0, and if so, we need to ensure that all supported versions of Meridian get patched accordingly.

Fixed

Details
Assignee
Jesse White
Reporter
Jesse White
Labels
security-medium
Components
Sprint
None
Fix versions
20.0.0
Meridian-2015.1.6
Meridian-2016.1.6
Meridian-2017.1.0
Affects versions
19.1.0
Meridian-2015.1.5
Meridian-2016.1.5
Priority
Major

PagerDuty

Created May 17, 2017 at 9:28 AM

Updated January 31, 2023 at 7:09 PM

Resolved June 6, 2017 at 1:02 PM

Configure

XSS vulnerability on node error page

Description

Acceptance / Success Criteria

Attachments

Linked issues

blocks

Lucidchart Diagrams

Activity

Gabriela Lopez January 31, 2023 at 7:09 PM

Jesse White June 6, 2017 at 1:02 PM

Jesse White May 17, 2017 at 9:28 AM

DetailsAssigneeJesse WhiteJesse WhiteReporterJesse WhiteJesse WhiteLabelssecurity-mediumComponentsSprintNone+1Fix versions20.0.0Meridian-2015.1.6Meridian-2016.1.6Meridian-2017.1.0Affects versions19.1.0Meridian-2015.1.5Meridian-2016.1.5PriorityMajor

Details

Assignee

Reporter

Labels

Components

Sprint

Fix versions

Affects versions

Priority

PagerDutyPagerDuty Incident

PagerDuty

Details
Assignee
Jesse White
Reporter
Jesse White
Labels
security-medium
Components
Sprint
None
Fix versions
20.0.0
Meridian-2015.1.6
Meridian-2016.1.6
Meridian-2017.1.0
Affects versions
19.1.0
Meridian-2015.1.5
Meridian-2016.1.5
Priority
Major

PagerDuty