9 matches found
CVE-2024-14001
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
EUVD-2024-55045
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2024-14001
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2024-14001
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2024-14001 Nagios XI < 2024R1.1.3 XSS via Executive Summary Report
Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting XSS via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2024-14001
Nagios XI prior to 2024R1.1.3 is vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. The root cause is insufficient validation or escaping of user-supplied input in that component, allowing an attacker to inject and execute arbitrary script in a victim’s browser. ...
PT-2025-44558
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.1.3 Description Nagios XI is susceptible to cross-site scripting XSS through the Executive Summary Report component. A lack of proper input validation or escaping could allow an attacker to inject and execute...
What’s New in InsightVM: Q2 2021 in Review
The world is changing rapidly. We hear that phrase a lot. Throughout Q2 though, it really is true. Vaccines have been rolling out, to varying success depending on the part of the world, but there is optimism. As Rapid7 offices begin to open up to our hard-working team members around the globe, we...
Rapid7 Announces General Availability for Scoped Executive Summary Report in InsightVM
Security teams often struggle to demonstrate the efficacy and progress of their organization’s vulnerability and remediation management program. This is a result of the complexity around identifying, collecting, and visualizing complicated metrics. InsightVM’s Executive Summary Report has proved ...