CVE-2021-35501

PandoraFMS <=7.54 allows Stored XSS by placing a payload in the name field of a visual console. When a user or an administrator visits the console, the XSS payload will be executed. Date published : 2021-06-25 http://packetstormsecurity.com/files/163466/Pandora-FMS-7.54-Cross-Site-Scripting.html

https://k4m1ll0.com/cve-pandorafms754-chained-xss-rce.html