4 matches found
Nagios Log Server 2.1.6 Cross Site Scripting
Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...
Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting
Exploit Title: Nagios Log Server 2.1.6 - Persistent Cross-Site Scripting Date: 2020-08-07 Vendor Homepage: https://www.nagios.com/products/nagios-log-server/ Vendor Changelog: https://www.nagios.com/downloads/nagios-log-server/change-log/ Exploit Author: Jinson Varghese Behanan @JinsonCyberSec...
CVE-2020-16157
A Stored XSS vulnerability exists in Nagios Log Server before 2.1.7 via the Notification Methods - Email Users menu...
CVE-2020-16157
Nagios Log Server (versions prior to 2.1.7) contains a Stored XSS vulnerability exploitable via the Notification Methods → Email Users menu. The root cause is insufficient input validation in the web application, allowing injected scripts to be stored and later executed in the admin/user context....