CVE-2022-2059

Name of the Vulnerable Software and Affected Versions Pandora FMS versions 7.0NG.761 and below

Description The issue concerns a Stored Cross Site-Scripting vulnerability in the agent creation section, specifically affecting the alias parameter. This can be exploited by an attacker with administrator privileges who is logged into the system.

Recommendations For Pandora FMS versions 7.0NG.761 and below, consider restricting access to the agent creation section until a fix is available, and avoid using the alias parameter in this section to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.