PT-2023-28091 · Unknown · Pandora FMS

Published: 2023-11-23 · Updated: 2024-01-09 · CVE-2023-41789

CVSS v3.1: 7.6 (High)

Vector: AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Pandora FMS versions 700 through 773

Description

The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS). This allows an attacker to perform cookie hijacking and log in as a user without needing credentials.

Recommendations

For versions 700 through 773, update to a version that includes a fix for this issue to prevent Cross-site Scripting attacks. As a temporary workaround, consider restricting access to sensitive features and implementing additional security measures to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-41789

Affected Products

Pandora FMS