CVE-2023-0846
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-0846
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0846.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-0846
- Aliases
- Published
- 2023-02-22T19:15:11Z
- Modified
- 2024-05-14T11:41:38.342782Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Unauthenticated, stored cross-site scripting in the display of alarm reduction keys in multiple versions of OpenNMS Horizon and Meridian could allow an attacker access to confidential session information. Users should upgrade to Meridian 2023.1.0 or newer, or Horizon 31.0.4. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet.
- References
Affected packages
Git / github.com/opennms/opennms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/opennms/opennms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
meridian-foundation-2015.*
meridian-foundation-2015.1.0-1
meridian-foundation-2015.1.1-1
meridian-foundation-2015.1.10-1
meridian-foundation-2015.1.2-1
meridian-foundation-2015.1.3-1
meridian-foundation-2015.1.4-1
meridian-foundation-2015.1.5-1
meridian-foundation-2015.1.6-1
meridian-foundation-2015.1.7-1
meridian-foundation-2016.*
meridian-foundation-2016.1.1-1
meridian-foundation-2016.1.10-1
meridian-foundation-2016.1.15-1
meridian-foundation-2016.1.2-1
meridian-foundation-2016.1.3-1
meridian-foundation-2016.1.4-1
meridian-foundation-2016.1.5-1
meridian-foundation-2016.1.6-1
meridian-foundation-2016.1.7-1
meridian-foundation-2016.1.9-1
meridian-foundation-2017.*
meridian-foundation-2017.1.0-1
meridian-foundation-2017.1.10-1
meridian-foundation-2017.1.2-1
meridian-foundation-2017.1.3-1
meridian-foundation-2017.1.4-1
meridian-foundation-2017.1.5-1
meridian-foundation-2018.*
meridian-foundation-2018.1.30-1
meridian-foundation-2018.1.31-1
meridian-foundation-2019.*
meridian-foundation-2019.1.21-1
meridian-foundation-2019.1.22-1
meridian-foundation-2019.1.23-1
meridian-foundation-2019.1.24-1
meridian-foundation-2019.1.25-1
meridian-foundation-2019.1.26-1
meridian-foundation-2019.1.27-1
meridian-foundation-2019.1.28-1
meridian-foundation-2019.1.29-1
meridian-foundation-2019.1.30-1
meridian-foundation-2019.1.31-1
meridian-foundation-2019.1.32-1
meridian-foundation-2019.1.33-1
meridian-foundation-2019.1.34-1
meridian-foundation-2019.1.35-1
meridian-foundation-2019.1.36-1
meridian-foundation-2019.1.37-1
meridian-foundation-2019.1.38-1
meridian-foundation-2019.1.39-1
meridian-foundation-2019.1.40-1
meridian-foundation-2020.*
meridian-foundation-2020.1.10-1
meridian-foundation-2020.1.11-1
meridian-foundation-2020.1.12-1
meridian-foundation-2020.1.13-1
meridian-foundation-2020.1.14-1
meridian-foundation-2020.1.15-1
meridian-foundation-2020.1.16-1
meridian-foundation-2020.1.17-1
meridian-foundation-2020.1.18-1
meridian-foundation-2020.1.19-1
meridian-foundation-2020.1.20-1
meridian-foundation-2020.1.21-1
meridian-foundation-2020.1.22-1
meridian-foundation-2020.1.23-1
meridian-foundation-2020.1.24-1
meridian-foundation-2020.1.25-1
meridian-foundation-2020.1.26-1
meridian-foundation-2020.1.27-1
meridian-foundation-2020.1.28-1
meridian-foundation-2020.1.29-1
meridian-foundation-2020.1.30-1
meridian-foundation-2020.1.31-1
meridian-foundation-2020.1.32-1
meridian-foundation-2021.*
meridian-foundation-2021.1.10-1
meridian-foundation-2021.1.11-1
meridian-foundation-2021.1.12-1
meridian-foundation-2021.1.14-1
meridian-foundation-2021.1.15-1
meridian-foundation-2021.1.16-1
meridian-foundation-2021.1.17-1
meridian-foundation-2021.1.18-1
meridian-foundation-2021.1.19-1
meridian-foundation-2021.1.2-1
meridian-foundation-2021.1.20-1
meridian-foundation-2021.1.21-1
meridian-foundation-2021.1.22-1
meridian-foundation-2021.1.23-1
meridian-foundation-2021.1.24-1
meridian-foundation-2021.1.3-1
meridian-foundation-2021.1.4-1
meridian-foundation-2021.1.5-1
meridian-foundation-2021.1.6-1
meridian-foundation-2021.1.7-1
meridian-foundation-2021.1.8-1
meridian-foundation-2021.1.9-1
meridian-foundation-2022.*
meridian-foundation-2022.1.0-1
meridian-foundation-2022.1.1-1
meridian-foundation-2022.1.10-1
meridian-foundation-2022.1.11-1
meridian-foundation-2022.1.12-1
meridian-foundation-2022.1.13-1
meridian-foundation-2022.1.2-1
meridian-foundation-2022.1.3-1
meridian-foundation-2022.1.4-1
meridian-foundation-2022.1.5-1
meridian-foundation-2022.1.6-1
meridian-foundation-2022.1.7-1
meridian-foundation-2022.1.8-1
meridian-foundation-2022.1.9-1
meridian-foundation-2023.*
meridian-foundation-2023.1.0-1
opennms-1.*
opennms-1.10.0-1
opennms-1.10.1-1
opennms-1.10.10-1
opennms-1.10.11-1
opennms-1.10.12-1
opennms-1.10.13-1
opennms-1.10.14-1
opennms-1.10.2-1
opennms-1.10.3-1
opennms-1.10.4-1
opennms-1.10.5-1
opennms-1.10.6-1
opennms-1.10.7-1
opennms-1.10.8-1
opennms-1.10.9-1
opennms-1.11.0-1
opennms-1.11.1-1
opennms-1.11.3-1
opennms-1.11.90-1
opennms-1.11.91-1
opennms-1.11.92-1
opennms-1.11.93-1
opennms-1.11.94-1
opennms-1.12.0-1
opennms-1.12.1-1
opennms-1.12.2-1
opennms-1.12.3-1
opennms-1.12.4-1
opennms-1.12.5-1
opennms-1.12.6-1
opennms-1.12.7-1
opennms-1.12.8-1
opennms-1.12.9-1
opennms-1.13.0-1
opennms-1.13.1-1
opennms-1.13.2-1
opennms-1.13.3-1
opennms-1.13.4-1
opennms-1.7.9
opennms-1.9.0-1
opennms-1.9.3-2
opennms-1.9.4-1
opennms-1.9.5-1
opennms-1.9.6-1
opennms-1.9.7-1
opennms-1.9.8-1
opennms-1.9.90-1
opennms-1.9.91-1
opennms-1.9.92-1
opennms-1.9.93-1
opennms-14.*
opennms-14.0.0-1
opennms-14.0.1-1
opennms-14.0.2-1
opennms-14.0.3-1
opennms-14.0.3-2
opennms-15.*
opennms-15.0.0-1
opennms-15.0.1-1
opennms-15.0.2-1
opennms-16.*
opennms-16.0.0-1
opennms-16.0.1-1
opennms-16.0.2-1
opennms-16.0.3-1
opennms-16.0.4-1
opennms-17.*
opennms-17.0.0-1
opennms-17.1.0-1
opennms-17.1.1-1
opennms-17.1.1-2
opennms-17.1.1-3
opennms-18.*
opennms-18.0.0-1
opennms-18.0.1-1
opennms-18.0.2-1
opennms-18.0.3-1
opennms-18.0.4-1
opennms-19.*
opennms-19.0.0-1
opennms-19.0.1-1
opennms-19.1.0-1
opennms-20.*
opennms-20.0.0-1
opennms-20.0.1-1
opennms-20.0.2-1
opennms-20.1.0-1
opennms-21.*
opennms-21.0.0-1
opennms-21.0.1-1
opennms-21.0.2-1
opennms-21.0.3-1
opennms-21.0.4-1
opennms-21.0.5-1
opennms-21.1.0-1
opennms-22.*
opennms-22.0.0-1
opennms-22.0.1-1
opennms-22.0.2-1
opennms-22.0.3-1
opennms-22.0.4-1
opennms-23.*
opennms-23.0.0-1
opennms-23.0.1-1
opennms-23.0.2-1
opennms-23.0.3-1
opennms-23.0.4-1
opennms-24.*
opennms-24.0.0-1
opennms-24.1.0-1
opennms-24.1.1-1
opennms-24.1.2-1
opennms-24.1.3-1
opennms-25.*
opennms-25.0.0-1
opennms-25.1.0-1
opennms-25.1.1-1
opennms-25.1.2-1
opennms-25.2.0-1
opennms-25.2.1-1
opennms-26.*
opennms-26.0.0-1
opennms-26.0.1-1
opennms-26.1.0-1
opennms-26.1.1-1
opennms-26.1.2-1
opennms-26.1.3-1
opennms-26.2.0-1
opennms-26.2.1-1
opennms-26.2.2-1
opennms-27.*
opennms-27.0.0-1
opennms-27.0.1-1
opennms-27.0.2-1
opennms-27.0.3-1
opennms-27.0.4-1
opennms-27.0.5-1
opennms-27.1.0-1
opennms-27.1.1-1
opennms-27.2.0-1
opennms-28.*
opennms-28.0.0-2
opennms-28.0.1-1
opennms-28.0.2-1
opennms-28.0.2-2
opennms-28.1.0-1
opennms-28.1.1-1
opennms-29.*
opennms-29.0.0-1
opennms-29.0.1-1
opennms-29.0.10-1
opennms-29.0.2-1
opennms-29.0.3-1
opennms-29.0.4-1
opennms-29.0.5-1
opennms-29.0.6-1
opennms-29.0.7-1
opennms-29.0.8-1
opennms-29.0.9-1
opennms-30.*
opennms-30.0.0-1
opennms-30.0.1-1
opennms-30.0.2-1
opennms-30.0.3-1
opennms-30.0.4-1
opennms-31.*
opennms-31.0.0-1
opennms-31.0.1-1
opennms-31.0.2-1
opennms-31.0.3-1
space-integration-12.*
space-integration-12.2-code-freeze