Release 2016.1.8 is an update to 2016.1.7 that provides a few security fixes.

The codename for 2016.1.8 is Hammer retroazimuthal.

  • Multiple XSS vulnerabilities in OpenNMS webapp (Issue NMS-9457)
  • opennms-webapp-remoting JARs are not signed (Issue NMS-9638)
  • IOActive: Stored Cross-site Scripting in SNMP Trap Message (Issue NMS-9668)
  • IOActive: Reflected Cross-site Scripting in heatmap/outages heatmap Parameter (Issue NMS-9671)