centreon/centreon Security Advisories for 20.04.9 (5)
-
[CRITICAL] Centreon vulnerable to SQL Injection
PKSA-bcws-c8z3-x4hd CVE-2022-3827 GHSA-j5wx-jvw3-j363
Affected version: <22.10.0-beta1
Reported by:
GitHub -
[MEDIUM] Centreon contains cross-site scripting vulnerability via esc_name parameter
PKSA-pdnv-cjzz-v7kw CVE-2022-40044 GHSA-rv5q-72p2-2q24
Affected version: >=22.0.0,<22.04.1|>=21.10.0,<21.10.8|<21.04.16
Reported by:
GitHub -
[HIGH] Centreon SQL Injection vulnerability via esc_name parameter
PKSA-yzgg-m42t-mxn3 CVE-2022-40043 GHSA-25gv-wg6f-6frp
Affected version: >=22.0.0,<22.04.1|>=21.10.0,<21.10.8|<21.04.16
Reported by:
GitHub -
[MEDIUM] Cross-site scripting in Centreon
PKSA-kq2z-fvrd-8wtw CVE-2021-27676 GHSA-r5mf-q76q-f2xq
Affected version: <20.10.7
Reported by:
GitHub -
[MEDIUM] Predictable CSRF tokens in centreon/centreon
PKSA-dd1z-vyhd-6whg CVE-2021-28055 GHSA-7rg4-266c-jqw6
Affected version: <2.8.37|>=19.10.0,<19.10.23|>=20.04.0,<20.04.13|>=20.10.0,<20.10.7
Reported by:
GitHub