26 matches found
CVE-2021-47696
Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting XSS via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50586
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the BPI component via the info URL field. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36865
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the BPI Business Process Intelligence component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the...
CVE-2025-34134
Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence BPI component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters notably bpilogfile and bpiconfigfile allow an authenticated...
EUVD-2021-34703
Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting XSS via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50586
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the BPI component via the info URL field. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2021-47696
Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting XSS via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2021-47696 Nagios XI < 5.8.0 XSS via BPI Config ID Handling
Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting XSS via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2021-47696
Nagios XI prior to 5.8.0 is vulnerable to cross-site scripting (XSS) via BPI config ID handling. The issue arises from insufficient input validation/escaping of user-supplied data in BPI config ID processing, enabling an attacker to inject script executed in a victim’s browser. Affected product: ...
CVE-2021-47696 Nagios XI < 5.8.0 XSS via BPI Config ID Handling
Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting XSS via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50586
CVE-2022-50586 affects Nagios XI pre-5.8.9 with stored XSS in the BPI component’s info URL field. Root cause: insufficient validation/escaping of user-supplied input, enabling injection of arbitrary script into a victim’s browser. Impact is described as cross-site scripting in Nagios XI web UI; n...
CVE-2022-50586 Nagios XI < 5.8.9 Stored XSS via BPI Info URL
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the BPI component via the info URL field. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2022-50586 Nagios XI < 5.8.9 Stored XSS via BPI Info URL
Nagios XI versions prior to 5.8.9 are vulnerable to cross-site scripting XSS in the BPI component via the info URL field. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.7.2 that stems from the Config Management and...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.8.0, which stems from improper handling o...
PT-2025-44510
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.4.2 Description Nagios XI versions prior to 2024R1.4.2 have a remote code execution issue in the Business Process Intelligence BPI component. The issue is due to inadequate validation and sanitization of...
PT-2025-44483
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.9 Description The software is susceptible to cross-site scripting XSS within the BPI component through manipulation of the info URL field. A lack of proper input validation or escaping could enable an attacker t...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.4.2 that stems from insufficient...
EUVD-2015-3660
Malware in sbrugna...
MAL-2024-4832 Malicious code in bpi-utils (PyPI)
--- -= Per source details. Do not edit below this line.=-...