Cross site scripting

2021-07-3014:15:00

PRIOn knowledge base

www.prio-n.com

0.007 Low

EPSS

Percentile

79.9%

JSON

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page.

CPENameOperatorVersion
log_serverlt2.1.9

CPE	Name	Operator	Version
	log_server	lt	2.1.9

References

research.nccgroup.com/2021/07/22/technical-advisory-stored-and-reflected-xss-vulnerability-in-nagios-log-server-cve-2021-35478cve-2021-35479/

research.nccgroup.com/?research=Technical%20advisories

www.nagios.com/downloads/nagios-log-server/change-log/

0.007 Low

EPSS

Percentile

79.9%

JSON

Related for PRION:CVE-2021-35478