3 matches found
CVE-2023-7316
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2025-34278
CVE-2025-34278 affects Nagios Network Analyzer (versions prior to 2024R1). The issue is a stored XSS in the Source Groups page (percentile calculator menu) where an attacker-supplied payload is stored and later rendered in other users’ browsers, executing in the victim’s context. The redhat/europ...
PT-2025-44492
Name of the Vulnerable Software and Affected Versions Nagios Network Analyzer versions prior to 2024R1 Description Nagios Network Analyzer is susceptible to a cross-site scripting XSS issue through the Percentile Calculator menu. This occurs due to inadequate validation or escaping of user-provid...