XSS in Pandora Fms

CVE-2026-30812

Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site Scripting via event comments. This issue affects Pandora FMS: from 777 through 800

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (10.7th percentile) — read the EPSS interpretation.