CNNVD-202510-1985 Information
CNNVD ID
CNNVD-202510-1985
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Centreon是法国Centreon公司的一套开源的系统监控工具 。该产品主要提供对网络、系统和应用程序等资源的监控功能。 Centreon 24.10.0版本至24.10.13之前版本、24.04.0版本至24.04.18之前版本和23.10.0版本至23.10.28之前版本存在安全漏洞,该漏洞源于HTTP Loader widget模块输入中和不当,可能导致存储型跨站脚本攻击。
Description (English)
Centreon is an open-source system monitoring tool for Centreon in France. The product mainly provides a monitoring function for resources such as networks, systems and applications. There is a security loophole in the Centreon 24.10.0 to 24.10.13, 24.04.0 to 24.04.18 and 23.10.0 to 23.10.28, which stems from inappropriate input of the HTTP Loader widget module and may result in a storage-type cross-station script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Centreon
Published
2025-10-14
Last Modified
2026-02-24
References
https://thewatch.centreon.com/latest-security-bulletins-64/cve-2025-8428-centreon-web-all-versions-medium-severity-5103 https://github.com/centreon/centreon/releases https://access.redhat.com/security/cve/cve-2025-8428 https://vigilance.fr/vulnerability/Centreon-Web-multiple-vulnerabilities-dated-24-09-2025-48301
Patch
https://github.com/centreon/centreon/releases
Share on: