CVE-2022-43980

MEDIUM

Pandora FMS < 766 - Stored Cross-Site Scripting in Network Maps Editing

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-43980. PoCs published by Argonx21.

AI-analyzed exploit summary This repository contains a writeup describing a stored XSS vulnerability in PandoraFMS <= v765 RRR. The exploit involves creating a network map with an XSS payload in the name, which executes when an admin user edits the network map.

Description

There is a stored cross-site scripting vulnerability in Pandora FMS v765 in the network maps editing functionality. An attacker could modify a network map, including on purpose the name of an XSS payload. Once created, if a user with admin privileges clicks on the edited network maps, the XSS payload will be executed. The exploitation of this vulnerability could allow an atacker to steal the value of the admin user´s cookie.

Exploits (1)

nomisec WRITEUP
by Argonx21 · poc
https://github.com/Argonx21/CVE-2022-43980

This repository contains a writeup describing a stored XSS vulnerability in PandoraFMS <= v765 RRR. The exploit involves creating a network map with an XSS payload in the name, which executes when an admin user edits the network map.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: PandoraFMS <= v765 RRR
Auth required
Prerequisites: Low privilege user access to create a network map · Admin user interaction to trigger the payload
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 5.2
EPSS 0.0028
EPSS Percentile 19.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-352 CWE-79
Status published
Products (1)
pandorafms/pandora_fms < 766
Published Jan 27, 2023
Tracked Since Feb 18, 2026