all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-0867 (horizon, meridian)

Add to bookmarks
Feb. 23, 2023, 3:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Multiple stored and reflected cross-site scripting vulnerabilities in webapp jsp pages in multiple versions of OpenNMS Meridian and Horizon could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet.

access confidential cross-site cve horizon information installation internet networks organization private private networks scripting session state upgrade vulnerabilities webapp

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 5 months, 3 weeks ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 5 months, 3 weeks ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer II, Offensive Security Penetration Testing

@ Amazon.com | US, TX, Virtual Location - Texas
View on infosec-jobs.com

Cybersecurity Specialist (Security Engineering)

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com

Information Systems Security Officer (ISSO)

@ ARA | Arlington, Virginia, United States
View on infosec-jobs.com

Lead - IT Risk compliance & Info Security

@ First Advantage | Bengaluru-560042, Karnataka
View on infosec-jobs.com

Embedded VSOC Analyst

@ Sibylline Ltd | Australia, Australia
View on infosec-jobs.com
View more jobs