2 matches found
CVE-2018-17146
A cross-site scripting vulnerability exists in Nagios XI before 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the auto login admin management page...
CVE-2018-17146
Nagios XI is affected by CVE-2018-17146 up to versions prior to 5.5.4. A cross-site scripting flaw exists in the Account Information page via the name parameter, enabling an attacker to execute arbitrary JavaScript in the auto login admin management page. Remediation: upgrade to version 5.5.4 or ...