vulnerability

SUSE: CVE-2015-8010: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jan 16, 2017
Added
Jan 17, 2017
Modified
May 7, 2019

Description

Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.

Solution(s)

suse-upgrade-icingasuse-upgrade-icinga-debuginfosuse-upgrade-icinga-debugsourcesuse-upgrade-icinga-develsuse-upgrade-icinga-docsuse-upgrade-icinga-idoutilssuse-upgrade-icinga-idoutils-debuginfosuse-upgrade-icinga-idoutils-mysqlsuse-upgrade-icinga-idoutils-oraclesuse-upgrade-icinga-idoutils-pgsqlsuse-upgrade-icinga-plugins-downtimessuse-upgrade-icinga-plugins-eventhandlerssuse-upgrade-icinga-wwwsuse-upgrade-icinga-www-configsuse-upgrade-icinga-www-debuginfosuse-upgrade-monitoring-toolssuse-upgrade-monitoring-tools-debuginfo
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.