CVE-2022-39988

Name of the Vulnerable Software and Affected Versions Centreon version 22.04.0

Description A cross-site scripting (XSS) issue allows attackers to execute arbitrary web script or HTML via a crafted payload injected into the service alias parameter in the Service>Templates section.

Recommendations For Centreon version 22.04.0, consider restricting access to the service alias parameter in the Service>Templates section until a patch is available. As a temporary workaround, avoid using the service alias parameter with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.