4 matches found
Nagios XI < 5.8.6 - Cross-Site Scripting
In Nagios XI before 5.8.6, XSS exists in the dashboard page /dashboards/ when administrative users attempt to edit a dashboard. id: CVE-2021-38156 info: name: Nagios XI 5.8.6 - Cross-Site Scripting author: ritikchaddha severity: medium description: | In Nagios XI before 5.8.6, XSS exists in the...
CVE-2021-38156
creationtimestamp| type| source ---|---|--- 2021-09-15 18:22:33+00:00| seen| https://t.me/cibsecurity/28907 2021-10-05 12:34:09+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/644 2021-10-05 13:51:13+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/645...
CVE-2021-38156
In Nagios XI before 5.8.6, XSS exists in the dashboard page /dashboards/ when administrative users attempt to edit a dashboard...
CVE-2021-38156
Nagios XI prior to 5.8.6 contains a cross-site scripting (XSS) flaw in the dashboard page (/dashboards/#) when an administrator edits a dashboard. The issue is authenticated, allowing injection of JavaScript that could compromise admin sessions or perform privileged actions. A fix is available: u...