VDB
CVE-2014-4907
CVE-2014-4907
PUBLISHED
CVSS 4.300000190734863 MEDIUM
Cross-site scripting (XSS) vulnerability in share/pnp/application/views/kohana_error_page.php in PNP4Nagios before 0.6.22 allows remote attackers to inject arbitrary web script or HTML via a parameter that is not properly handled in an error message.
EPSS 0.43% · 63.0th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
0.43%
63.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| op5 | monitor | 6.3.0 |
| pnp4nagios | pnp4nagios | 0, 0.6.0, 0.6.1 |
| n/a | n/a | * |
Timeline
- Jul 11, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 59535 third-party-advisory
- 59603 third-party-advisory
- https://bugs.op5.com/view.php?id=8761 url
- http://sourceforge.net/p/pnp4nagios/code/ci/f846a6c9d007ca2bee05359af747619151195fc9 url
- http://www.op5.com/blog/news/op5-monitor-6-3-1-release-notes url
- 68350 vdb
- [oss-security] 20140711 Re: CVE request: XSS in PNP4Nagios mailing-list
- http://docs.pnp4nagios.org/pnp-0.6/dwnld url
- https://nvd.nist.gov/vuln/detail/CVE-2014-4907 advisory