CVE-2017-15936

Name of the Vulnerable Software and Affected Versions Artica Pandora FMS version 7.0

Description The issue allows an attacker with write permission to create an agent containing an XSS payload. When a user accesses the agent definitions page, the malicious script is executed.

Recommendations For Artica Pandora FMS version 7.0, consider restricting write permissions to prevent unauthorized users from creating agents with malicious payloads. As a temporary workaround, avoid accessing the agent definitions page until a fix is available.