CVE-2023-41791

Name of the Vulnerable Software and Affected Versions Pandora FMS versions 700 through 773

Description The issue is related to improper neutralization of input during web page generation, also known as Cross-site Scripting (XSS). This allows users with low privileges to introduce Javascript executables via a translation string, potentially affecting the integrity of some configuration files.

Recommendations For Pandora FMS versions 700 through 773, update to a version that includes a fix for this issue to prevent Cross-site Scripting (XSS) attacks. As a temporary workaround, consider restricting access to translation strings to minimize the risk of exploitation.