2 matches found
Nagios XI Cross-Site Scripting (CVE-2019-20139)
A cross-site scripting vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
CVE-2019-20139
CVE-2019-20139 affects Nagios XI 5.6.9 with a stored/reflected XSS vulnerability exposed via nocscreenapi.php (host, hostgroup, servicegroup parameters) or schedulereport.php (hour or frequency). An authenticated user can exploit this to attack the admin user. The connected documents corroborate ...