Ganglia : Security Vulnerabilities, CVEs, (XSS)
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2020-01-11
Updated
2020-01-13
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.
Max CVSS
6.1
EPSS Score
0.09%
Published
2020-01-11
Updated
2020-01-13
Cross-site scripting (XSS) vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the host_regex parameter to the default URI, which is processed by get_context.php.
Max CVSS
4.3
EPSS Score
0.27%
Published
2013-12-05
Updated
2017-08-29
Cross-site scripting (XSS) vulnerability in views_view.php in Ganglia Web 3.5.7 allows remote attackers to inject arbitrary web script or HTML via the view_name parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2014-04-02
Updated
2017-08-29
Multiple cross-site scripting (XSS) vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Max CVSS
4.3
EPSS Score
0.32%
Published
2013-03-14
Updated
2013-03-19
Multiple cross-site scripting (XSS) vulnerabilities in ganglia-web in Ganglia before 3.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) c and (2) h parameters to (a) web/host_gmetrics.php; the (3) G, (4) me, (5) x, (6) n, (7) v, (8) l, (9) vl, and (10) st parameters to (b) web/graph.php; and the (11) c, (12) G, (13) h, (14) r, (15) m, (16) s, (17) cr, (18) hc, (19) sh, (20) p, (21) t, (22) jr, (23) js, (24) gw, (25) z, and (26) gs parameters to (c) web/get_context.php. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.28%
Published
2007-12-20
Updated
2011-03-08
6 vulnerabilities found