3 matches found
CVE-2020-25385
Nagios Log Server 2.1.7 contains a cross-site scripting XSS vulnerability in /nagioslogserver/configure/createsnapshot through the snapshotname parameter, which may impact users who open a maliciously crafted link or third-party web page...
CVE-2020-25385
creationtimestamp| type| source ---|---|--- 2021-01-20 07:26:58+00:00| seen| https://t.me/cibsecurity/22326...
CVE-2020-25385
Nagios Log Server 2.1.7 is affected by an XSS in the /nagioslogserver/configure/create_snapshot endpoint via the snapshot_name parameter. Root cause: unsanitized/unfiltered user input passed to that field. Impact: can potentially execute injected scripts when a user opens a malicious link or page...