Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerability in the Source Groups page (percentile calculator menu). An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a victim views the affected page the injected script executes in the victim's browser context.

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerability in the Source Groups page (percentile calculator menu). An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a victim views the affected page the injected script executes in the victim's browser context.

Уязвимость программного средства мониторинга и анализа сетевого трафика Nagios Network Analyzer, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю выполнить произвольный код