Bugtraq mailing list archives

Re: Xymon monitor cross-site scripting vulnerabilities

From: Henri Salo <henri () nerv fi>
Date: Mon, 4 Apr 2011 21:41:56 +0300

On Sun, Apr 03, 2011 at 12:15:12PM +0200, Henrik Størner wrote:

Several cross-site scripting vulnerabilities have been identified in
the Xymon systems- and network-monitoring tool available at
http://sourceforge.net/projects/xymon/

All versions prior to 4.3.1 (released April 3, 2011) are vulnerable.

I would like to thank David Ferrest for notifying me of this issue.


Henrik Størner,
lead Xymon developer.


Does these issues have CVE-identifier? Where can I see the full details of these vulnerabilities?

Best regards,
Henri Salo

Current thread:

Xymon monitor cross-site scripting vulnerabilities Henrik Størner (Apr 04)
- Re: Xymon monitor cross-site scripting vulnerabilities Henri Salo (Apr 04)