Lucene search

CVE-2020-25385

🗓️ 20 Jan 2021 01:13:15Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 3 Media mentions👁 44 Views🌐 WEB

Nagios Log Server 2.1.7 XSS vulnerability in create_snapsho

Reporter	Title	Published	Views	Family All 3
NVD	CVE-2020-25385	20 Jan 202101:15	–	nvd
Prion	Cross site scripting	20 Jan 202101:15	–	prion
Cvelist	CVE-2020-25385	20 Jan 202100:45	–	cvelist

Nvd

Node

nagios log_serverRange≤2.1.7

Source	Link
github	www.github.com/EmreOvunc/Nagios-Log-Server-2.1.7-Persistent-Cross-Site-Scripting

Parameter	Position	Path	Description	CWE
snapshot_name	query param	/nagioslogserver/configure/create_snapshot	Cross-site scripting (XSS) vulnerability in the snapshot_name parameter which may impact users opening malicious links.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jan 2021 01:15Current

5.9Medium risk

Vulners AI Score5.9

CVSS24.3

CVSS36.1

EPSS0.30979

CWE-79