FKIE_CVE-2012-0936

Vulnerability from fkie_nvd - Published: 2012-01-29 04:04 - Updated: 2026-04-29 01:13
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login.
References
cve@mitre.orghttp://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a
cve@mitre.orghttp://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabsVendor Advisory
cve@mitre.orghttp://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel
cve@mitre.orghttp://issues.opennms.org/browse/NMS/fixforversion/10825
cve@mitre.orghttp://osvdb.org/78454
cve@mitre.orghttp://secunia.com/advisories/47646Vendor Advisory
cve@mitre.orghttp://www.securityfocus.com/bid/51632
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/72625
af854a3a-2127-422b-91ae-364da2661108http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a
af854a3a-2127-422b-91ae-364da2661108http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabsVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel
af854a3a-2127-422b-91ae-364da2661108http://issues.opennms.org/browse/NMS/fixforversion/10825
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/78454
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/47646Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/51632
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/72625
Impacted products
Vendor Product Version
opennms.org opennms 1.8.0
opennms.org opennms 1.8.1
opennms.org opennms 1.8.2
opennms.org opennms 1.8.3
opennms.org opennms 1.8.4
opennms.org opennms 1.8.5
opennms.org opennms 1.8.6
opennms.org opennms 1.8.7
opennms.org opennms 1.8.8
opennms.org opennms 1.8.9
opennms.org opennms 1.8.10
opennms.org opennms 1.8.11
opennms.org opennms 1.8.12
opennms.org opennms 1.8.13
opennms.org opennms 1.8.14
opennms.org opennms 1.8.15
opennms.org opennms 1.8.16
opennms.org opennms *
opennms.org opennms 0.2
opennms.org opennms 0.3.0
opennms.org opennms 0.4.0
opennms.org opennms 0.6.0
opennms.org opennms 0.6.1
opennms.org opennms 0.6.1--2
opennms.org opennms 0.6.2
opennms.org opennms 0.7.1
opennms.org opennms 0.7.2
opennms.org opennms 0.7.3
opennms.org opennms 0.7.5
opennms.org opennms 0.8.0
opennms.org opennms 0.8.1
opennms.org opennms 0.9.0
opennms.org opennms 0.9.1
opennms.org opennms 0.9.2
opennms.org opennms 0.9.3
opennms.org opennms 0.9.4
opennms.org opennms 0.9.5
opennms.org opennms 0.9.6
opennms.org opennms 0.9.9
opennms.org opennms 1.0.0
opennms.org opennms 1.0.1
opennms.org opennms 1.0.2
opennms.org opennms 1.1.0
opennms.org opennms 1.1.1
opennms.org opennms 1.1.2
opennms.org opennms 1.1.3
opennms.org opennms 1.1.4
opennms.org opennms 1.1.5
opennms.org opennms 1.2.0
opennms.org opennms 1.2.1
opennms.org opennms 1.2.2
opennms.org opennms 1.2.3
opennms.org opennms 1.2.4
opennms.org opennms 1.2.5
opennms.org opennms 1.2.6
opennms.org opennms 1.2.7
opennms.org opennms 1.2.8
opennms.org opennms 1.2.9
opennms.org opennms 1.3.0
opennms.org opennms 1.3.1
opennms.org opennms 1.3.2
opennms.org opennms 1.3.3
opennms.org opennms 1.3.4
opennms.org opennms 1.3.5
opennms.org opennms 1.3.6
opennms.org opennms 1.3.7
opennms.org opennms 1.3.8
opennms.org opennms 1.3.9
opennms.org opennms 1.3.10
opennms.org opennms 1.3.11
opennms.org opennms 1.5.90
opennms.org opennms 1.5.91
opennms.org opennms 1.5.92
opennms.org opennms 1.5.93
opennms.org opennms 1.5.94
opennms.org opennms 1.5.95
opennms.org opennms 1.5.96
opennms.org opennms 1.5.97
opennms.org opennms 1.5.98
opennms.org opennms 1.5.99
opennms.org opennms 1.6.0
opennms.org opennms 1.6.1
opennms.org opennms 1.6.2
opennms.org opennms 1.6.3
opennms.org opennms 1.6.4
opennms.org opennms 1.6.5
opennms.org opennms 1.6.6
opennms.org opennms 1.6.7
opennms.org opennms 1.6.8
opennms.org opennms 1.6.9
opennms.org opennms 1.6.10
opennms.org opennms 1.6.11
opennms.org opennms 1.7.0
opennms.org opennms 1.7.1
opennms.org opennms 1.7.2
opennms.org opennms 1.7.3
opennms.org opennms 1.7.4
opennms.org opennms 1.7.5
opennms.org opennms 1.7.6
opennms.org opennms 1.7.7
opennms.org opennms 1.7.8
opennms.org opennms 1.7.9
opennms.org opennms 1.7.10
opennms.org opennms 1.7.90
opennms.org opennms 1.7.91
opennms.org opennms 1.7.92
opennms.org opennms 1.9.0
opennms.org opennms 1.9.1
opennms.org opennms 1.9.2
opennms.org opennms 1.9.3
opennms.org opennms 1.9.4
opennms.org opennms 1.9.5
opennms.org opennms 1.9.6
opennms.org opennms 1.9.7
opennms.org opennms 1.9.8
opennms.org opennms 1.9.90
opennms.org opennms 1.9.91
opennms.org opennms 1.9.92
opennms.org opennms 1.10.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E825AF81-4946-4C22-8484-52B69CCF4006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B917DE1-CEA0-4BC4-9697-3A2719E65DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDFF1558-4EBB-4DE5-B440-B98C2C6DA414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "418D5C9C-1E98-4D6E-8A97-3871F62C2DCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D318778-18CF-48F4-A20C-FADFCCE05750",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "700B7746-9584-4DFD-8AAF-8D792D5138B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "046E274A-A971-43C2-8388-DC533B193EE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D691D5C3-F5B9-46CE-976E-5A5E732369F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "197B6AED-0069-421D-AAD2-D2C6FA30BD8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "60DA7B55-C887-4C4A-AA6E-7AB06F8E2429",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "C83E73C5-2931-4169-9A9B-3E05E7C2EE10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "315ED0B6-470D-48A6-B18F-DB59330388B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7216FA4B-57AB-44B9-B09A-B56CAF2F08A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "1948CF39-A9C7-4DAA-BE1F-302EEB998A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AEF986F-4766-45C0-B6CF-C54A9DEB96B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "31DE064C-9420-4780-A56D-845F939091A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.8.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE36D459-F4B0-45B6-8EF3-4984E01412C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9B6A3C-CC65-483C-A385-57BB64B1A8BD",
              "versionEndIncluding": "1.9.93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "97EA1897-DF5D-4453-B55D-DD7173F224E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B04A714-C18E-4081-B931-B468EBF99615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41B6C69-9CA2-4300-ABC9-0514C3085BBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "73AC5DDC-2836-4292-A61B-278580C00360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "694086A9-1AC4-4C48-97D5-0817AB85CDCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.6.1--2:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA8CAF7-BAEB-4881-B9C8-ED9B7504E3B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAE4FE99-ACF9-4EE2-80E6-901F7F997CC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0ECC6AB-1C34-412D-AB6C-D73033890D00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCF80FB3-53A6-4140-8F57-F42659B825E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0829F6AA-76AA-41A7-94BD-422176FBF32C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C264422C-769D-4AA0-B779-987FB2C734AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAC69AA-6B16-46C5-9141-9F8DE2C23D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "16FBA8AA-3A2A-467D-A387-906439AA3081",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A46961-3731-4EEF-AA2A-203F3E5F1E00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C13E43-A4D6-4A8E-A242-9AE011F842C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "79043AD0-32C1-4461-B632-1E01DA73DDD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E08C0D43-CA27-4767-BB79-40A7B58E1AC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EEB4318-BAA7-407E-B31F-DB870813828A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "21C08F54-37D9-4F3F-BC16-3E45FCB30A84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A830BAC-E473-4F50-BCA0-9BB999DE0C35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:0.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA04D901-54D2-4F3B-AD80-EA7F6FF03B3C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "82811A49-992E-4034-B426-CA202EC36E78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B9B8D40-34A6-4405-8C0A-D4819E706677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB987FB8-F30C-42F4-88D5-7B1FB005FA69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "593A7088-0A25-421C-ACB6-ACC3326A894F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3D55CA3-1EAC-4042-9910-9B03EE9EFE8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "778C09CD-4A28-4509-A2B1-FFA363BAFA43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A5E335-D4E3-4CED-8E1D-E6F6180FEDC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE86D63E-9DD9-48A9-94F8-7A4DAC7C213D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C843F51A-9935-4126-BACA-2A6D056552BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9DD1BCA-4782-4629-896C-C5D0864DBE98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B07DB5C-1D6F-4E0B-95D0-438714559B26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB58BD6-7B40-4AAD-AFF0-E6C545D84F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B904FB-45A7-44DF-8B0C-D21CDD988907",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFEB4C76-58B0-4E6E-9631-61F5538DC01C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E563A970-B22F-4E5A-A14B-724217443AFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D01DD8D-0080-4FC7-AD32-590657EF7392",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "53196AF6-9E5A-48A3-BD55-B4502ED4AB50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "A45346F9-30CD-418C-BB3C-53003287A368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "1683248D-D9B8-41FC-8F38-749775CDADDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5AAC301-7407-47A3-896D-2406DCBB4E21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBFA2AAA-B6EE-4DA4-9B26-E010B66BB7CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "63750949-CB53-4765-ACC2-B0C07D8AF304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FC31B4-782F-47F4-96B3-999FF540A27E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AA5CF2-931B-4C67-B0AD-620E46986C05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A80CAD2-89EC-4301-8122-36D61780E7D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B9EEE4F-4D5B-4278-A8A6-8BCE74868448",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "186B870F-B510-4C29-9938-15C65759CBA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E90D068-7C47-47D5-B7D9-5CADC8EDF981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "90DD9C66-275C-4B8D-86EE-D3AFD5692C84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFE194CE-BCB3-4AEC-A416-6C75815BC5B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1C26D1E-348A-4F52-8253-C5089FBD1DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D30261B-96A6-4A53-B769-988A7DC47975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "3399DFDD-C77C-445B-A5B4-890F8991D513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "31785E64-3255-49D6-9441-5704D572C14C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "95126302-E8ED-400E-AAAD-FA97A98FB21A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A2C255E-DD67-44F1-8D68-7C4998564709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6901626-0EF9-43BD-8647-9431D25DEE05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E3BEEA-AA2F-4E23-8A73-061657E1FBCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5697608-590A-47AC-A5DA-E7DFA31E1615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.98:*:*:*:*:*:*:*",
              "matchCriteriaId": "89B428E5-E80D-4EA3-B5BE-8927593AF96E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.5.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "B986479B-E15B-4789-9EFC-4A222EA7F664",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2886143-6876-4FD4-B710-7ED54EBEA5C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E11EDEC-766D-4FC6-BE98-50D2FFBB1426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA3B886-BB8D-4F3D-A41D-320D94ECF4E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B53105C-B1DD-44B6-A3F4-1D8B40C30DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "36A5E3A2-BF66-4B96-84A5-35E91090A487",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9B57EDA-3B8E-4C4E-BDC0-DAE2692FB670",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "6CE32BC6-34D4-43F6-BE43-AE3AF14302C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "29AB88BD-3518-4629-A12F-B4E8E8E86A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DDC9DF7-7E6E-43E1-A968-6F0FE30D6418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "7212AF36-4A8F-47C2-9747-E6EC4CA96C6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "347D132F-1B0A-44A0-B9A8-824A9E27127F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.6.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E004041C-076F-480D-BE1C-A1BA6FD3B91C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C48BCC11-3115-4DED-9ABF-993E5645B99D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "73A00AB9-A3FE-440B-9390-1BE4331ECC6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D51256A-C92F-4F96-99EC-4C9BAA4957B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BD05E31-BBC6-4856-ACCB-9E0231451170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C99610-6DAD-4A59-9FFA-C00525B9DCEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B449BEC7-BC9D-4868-94EF-48EA4F15070C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6F124F6-9104-4754-BE82-A2478A251AA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F24AB63B-DE0C-4FAC-A50B-E5B626753FE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "62EF8E74-8778-4CDB-8627-9590FD947600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C85D3FAC-73C2-4AF4-A288-41AB98D6FB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0C3FFBB-3113-4769-AF4C-E288C36DBD97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F7A3F4B-B6CA-4182-97F2-3FB0D76D7B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D8F397A-38FE-4206-B69D-5DB8945CBE18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.7.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7DA6ED3-A403-46E4-BD0D-6754CFF8B09E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "541624B9-6E66-4EB2-BF47-23E9346143C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CCF9B6B-6490-459E-AD76-358C439E8C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4A3A2CE-FFBB-4B12-8546-42E8127265A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E36561D-BB7E-493E-81AB-D2A78DE9CDE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5682366-174C-4878-A269-BCEBD21B4829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D55DCB9-A232-4A79-BF82-1FE6397E7097",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "696EF433-E221-49E1-9AC3-E1A22CF65DC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6285A953-78A0-4DB6-AC4B-916253789F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1922ADA-0DE2-4E92-B65B-6D9B91EFA850",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB710C7E-9EC6-4CC0-9882-11B0B9A0CA63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6C474B6-06FB-4B70-9AD0-6F05B9753C08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.9.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EE68672-1005-4274-A408-9149EC6A86C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:opennms.org:opennms:1.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E823257F-56E8-49AF-B243-C9A2D2BBDD33",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java en OpenNMS v1.8.x antes de v1.8.17, v1.9.93 y anteriores, y v1.10.x antes de v1.10.1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del campo de nombre de usuario (Username). Se trata de un problema relacionado con el inicio de sesi\u00f3n."
    }
  ],
  "id": "CVE-2012-0936",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-01-29T04:04:45.313",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166\u0026r1=80b80e110e4bce568fc2c6c0a15a"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout\u0026selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/78454"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47646"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/51632"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166\u0026r1=80b80e110e4bce568fc2c6c0a15a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout\u0026selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://issues.opennms.org/browse/NMS/fixforversion/10825"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/78454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/47646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/51632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/72625"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.