CVE-2018-1000855

Name of the Vulnerable Software and Affected Versions easymon versions prior to 1.4.1

Description The issue is related to a Cross Site Scripting (XSS) vulnerability, specifically Reflected XSS, that can be exploited via a crafted URL containing an XSS payload. This can result in the theft of cookies, depending on the cookie settings. The attack requires the victim to click on the malicious URL. The vulnerability affects Firefox.

Recommendations For easymon versions prior to 1.4.1, update to version 1.4.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the vulnerable Endpoint where monitoring is mounted until the update is applied. Restrict access to this Endpoint to minimize the risk of exploitation.