CVE-2024-58272

Опубликовано: 30 окт. 2025

Источник: nvd

Описание

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2023-7323.

Связанные уязвимости

GHSA-rf89-4p8m-fgwp

CVSS3: 5.4

github

3 месяца назад

Nagios Log Server versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerability where an attacker-supplied username containing JavaScript is stored and later rendered without proper encoding/escaping in admin or user-facing pages. When an authenticated victim loads the affected page, the browser executes the injected script in the victim's context.