Centreon Web 2.8.36¶
Bugfix¶
[Configuration] Non-admin users can’t create host/service
Security¶
[Administration/ACL] Cross-site Scripting (XSS) Stored/Persistent in Ressource Access
[Administration/LDAP] XSS stored in the LDAP form
[Authentication] Session is active longer than expected
[Authentication] User enumeration in login page
[Core] 4.2.3 Vulnerable handlebars.js library
[Reporting/Dashboard/Hosts] Cross-site Scripting (XSS) Reflected