vulnerability
SUSE: CVE-2015-8010: SUSE Linux Security Advisory
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jan 16, 2017 | Jan 17, 2017 | May 7, 2019 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jan 16, 2017
Added
Jan 17, 2017
Modified
May 7, 2019
Description
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.
Solution(s)
suse-upgrade-icingasuse-upgrade-icinga-debuginfosuse-upgrade-icinga-debugsourcesuse-upgrade-icinga-develsuse-upgrade-icinga-docsuse-upgrade-icinga-idoutilssuse-upgrade-icinga-idoutils-debuginfosuse-upgrade-icinga-idoutils-mysqlsuse-upgrade-icinga-idoutils-oraclesuse-upgrade-icinga-idoutils-pgsqlsuse-upgrade-icinga-plugins-downtimessuse-upgrade-icinga-plugins-eventhandlerssuse-upgrade-icinga-wwwsuse-upgrade-icinga-www-configsuse-upgrade-icinga-www-debuginfosuse-upgrade-monitoring-toolssuse-upgrade-monitoring-tools-debuginfo

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.