CVE-2023-40311

Name of the Vulnerable Software and Affected Versions OpenMNS Horizon versions 31.0.8 through 32.0.2

Description Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon. This allows an attacker to store malicious data on the database and then load it on JSPs or Angular templates. The installation instructions for Meridian and Horizon state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.

Recommendations To resolve the issue, upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. As a temporary workaround, consider restricting access to the vulnerable JSP files until a patch is available. Restrict access to the database to minimize the risk of exploitation. Avoid using unsanitized parameters in JSP files until the issue is resolved.