CVE-2021-47689
The CVE covers Nagios XI with Core Config Manager (CCM) vulnerable prior to CCM 3.1.0 / Nagios XI 5.8.0. Root cause is insufficient validation/escaping in the Templates pages UI logic that renders Active/Actions buttons, enabling cross-site scripting (XSS) via user-supplied input. Reported impact...