CVE-2025-8429

CVSS v3.1

6.8

Vector

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 23.10.0 through 23.10.28 Centreon Infra Monitoring versions 24.04.0 through 24.04.18 Centreon Infra Monitoring versions 24.10.0 through 24.10.13

Description The software contains an Improper Neutralization of Input During Web Page Generation issue, also known as Cross-site Scripting (XSS). This affects the ACL Action access configuration modules. The issue allows for Stored XSS exploitation by users with elevated privileges.

Recommendations Update Centreon Infra Monitoring to version 23.10.29 or later. Update Centreon Infra Monitoring to version 24.04.19 or later. Update Centreon Infra Monitoring to version 24.10.14 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-8429

Affected Products

Centreon Infra Monitoring

CVE-2025-8429

Weakness Enumeration

Related Identifiers

Affected Products

References · 3