Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Sep 17, 2024
OpenNMS Stored XSS via SNMP Trap Alerts
CVE-2016-6555
Description
OpenNMS version 18.0.1 and prior are vulnerable to a stored XSS issue due to insufficient filtering of SNMP trap supplied data. By creating a malicious SNMP trap, an attacker can store an XSS payload which will trigger when a user of the web UI views the events list page. This issue was fixed in version 18.0.2, released on September 20, 2016.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/OpenNMS/opennms/pull/1019mitrex_refsource_MISC
- www.rapid7.com/blog/post/2016/11/15/r7-2016-24-opennms-stored-xss-via-snmp-cve-2016-6555-cve-2016-6556/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.