Medium severity5.4NVD Advisory· Published Jun 16, 2018· Updated Jun 17, 2026
CVE-2018-11223
CVE-2018-11223
Description
XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.
Affected products
2- Range: <7.0.NG.723
- Range: <7.0 NG 723
Patches
Vulnerability mechanics
References
2- blog.hackercat.ninja/post/pandoras_box/nvdExploitThird Party Advisory
- pandorafms.com/wp-content/uploads/2018/06/whats-new-723-EN.pdfnvdVendor Advisory
News mentions
0No linked articles in our index yet.