exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2023-53689

3 месяца назад

Nagios Fusion versions prior to 4.2.0 contain a reflected cross-site scripting (XSS) vulnerability in the license key configuration flow that can result in execution of attacker-controlled script in the browser of a user who follows a crafted URL. While the application server itself is not directly corrupted by the reflected XSS, the resulting browser compromise can lead to credential/session theft and unauthorized administrative actions.

CVSS3: 4.8

EPSS: Низкий

GHSA-hfcv-97wg-h7wr

3 месяца назад

Nagios Fusion versions prior to 4.2.0 contain a reflected cross-site scripting (XSS) vulnerability in the license key configuration flow that can result in execution of attacker-controlled script in the browser of a user who follows a crafted URL. While the application server itself is not directly corrupted by the reflected XSS, the resulting browser compromise can lead to credential/session theft and unauthorized administrative actions.

CVSS3: 4.8

EPSS: Низкий

BDU:2025-15969

3 месяца назад

Уязвимость программного средства визуализации рабочего состояния ИТ-инфраструктуры предприятия Nagios Fusion, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный код

CVSS3: 8.1

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-53689 Nagios Fusion versions prior to 4.2.0 contain a reflected cross-site scripting (XSS) vulnerability in the license key configuration flow that can result in execution of attacker-controlled script in the browser of a user who follows a crafted URL. While the application server itself is not directly corrupted by the reflected XSS, the resulting browser compromise can lead to credential/session theft and unauthorized administrative actions.	CVSS3: 4.8	0% Низкий	3 месяца назад
GHSA-hfcv-97wg-h7wr Nagios Fusion versions prior to 4.2.0 contain a reflected cross-site scripting (XSS) vulnerability in the license key configuration flow that can result in execution of attacker-controlled script in the browser of a user who follows a crafted URL. While the application server itself is not directly corrupted by the reflected XSS, the resulting browser compromise can lead to credential/session theft and unauthorized administrative actions.	CVSS3: 4.8	0% Низкий	3 месяца назад
BDU:2025-15969 Уязвимость программного средства визуализации рабочего состояния ИТ-инфраструктуры предприятия Nagios Fusion, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный код	CVSS3: 8.1	0% Низкий	3 месяца назад

Уязвимостей на страницу