Описание
A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data.
Ссылки
- Product
- Release Notes
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:nagios:nagios_xi:2024:r2:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00375
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
github
6 месяцев назад
A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data.
EPSS
Процентиль: 59%
0.00375
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79