GHSA-hg25-64qh-j4f4

Опубликовано: 31 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

Описание

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.2 / Nagios XI 5.8.4 contains a cross-site scripting (XSS) vulnerability via the lock page functionality. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser.

Ссылки

5.1 Medium

CVSS4

CVE ID

CVE-2021-47692

Дефекты

CWE-79

Связанные уязвимости

CVE-2021-47692

nvd

3 месяца назад

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. It has been identified as a duplicate of https://www.cve.org/CVERecord?id=CVE-2021-33179 .

5.1 Medium

CVSS4

CVE ID

CVE-2021-47692

Дефекты

CWE-79