Publication date: September 24th, 2025
Components: centreon-web
Description:
select2 is a jQuery-based replacement for select boxes. It supports searching, remote data sets, and pagination of results.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to missing sanitization when HTML templates are used to display remotely-loaded data.
Reference: CVE-2016-10744
CVSS: 6.1
Severity: Medium
Status: Fixes have been provided for all supported versions and it is recommended to update Centreon Web on Central Server:
These versions include cumulative fixes from prior updates.
Stay ahead of potential threats by subscribing to the Security Bulletin section. You’ll receive instant notifications whenever a new bulletin is published, ensuring your infrastructure remains secure and up to date.