CVE-2018-18247

CVE-2018-18247

Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter.

Source: CVE-2018-18247