CVE-2012-0936

N/A Unknown
Published: January 29, 2012 Modified: April 29, 2026
View on NVD

Description

Cross-site scripting (XSS) vulnerability in web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java in OpenNMS 1.8.x before 1.8.17, 1.9.93 and earlier, and 1.10.x before 1.10.1 allows remote attackers to inject arbitrary web script or HTML via the Username field, related to login.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a
Source: cve@mitre.org
http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs
Source: cve@mitre.org
Vendor Advisory
http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel
Source: cve@mitre.org
http://issues.opennms.org/browse/NMS/fixforversion/10825
Source: cve@mitre.org
http://osvdb.org/78454
Source: cve@mitre.org
http://secunia.com/advisories/47646
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/51632
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/72625
Source: cve@mitre.org
http://fisheye.opennms.org/browse/opennms/features/springframework-security/src/main/java/org/opennms/web/springframework/security/SecurityAuthenticationEventOnmsEventBuilder.java?r2=d2ce15470cb6c87c115c918eb86ef147486a9166&r1=80b80e110e4bce568fc2c6c0a15a
Source: af854a3a-2127-422b-91ae-364da2661108
http://issues.opennms.org/browse/NMS-5128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://issues.opennms.org/browse/NMS/fixforversion/10824#atl_token=BCL8-RCDX-MB62-2EZT%7C38eaf469042162355c28f5393587690a8388d556%7Clout&selectedTab=com.atlassian.jira.plugin.system.project%3Aversion-summary-panel
Source: af854a3a-2127-422b-91ae-364da2661108
http://issues.opennms.org/browse/NMS/fixforversion/10825
Source: af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/78454
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/47646
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/51632
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/72625
Source: af854a3a-2127-422b-91ae-364da2661108

16 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.2%
80th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-79

Affected Vendors

opennms.org

Related CVEs

CVE-2026-9677 N/A
CVE-2026-13245 6.1
CVE-2026-12404 5.3
CVE-2026-10820 N/A
CVE-2026-12415 9.8