CVE-2018-11588: Cross-site Scripting
(updated )
Centreon including Centreon Web is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php
and www/include/configuration/configObject/command/formArguments.php.
References
Detect and mitigate CVE-2018-11588 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →