64 matches found
CVE-2020-36862
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2021-47700
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
EUVD-2021-34705
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
EUVD-2020-30808
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2021-47700
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
CVE-2021-47700
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
CVE-2020-36862
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2020-36862
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2020-36862
CVE-2020-36862 affects Nagios XI versions prior to 5.6.11, in the Highcharts local exporting tool. The Red Hat entry confirms unauthenticated vulnerabilities caused by the export feature, allowing (1) script execution in exported content due to insufficient output encoding (XSS) and (2) server-si...
CVE-2020-36862 Nagios XI < 5.6.11 Unauthenticated XSS and SSRF via Highcharts
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2020-36862 Nagios XI < 5.6.11 Unauthenticated XSS and SSRF via Highcharts
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could 1 inject script into exported/returned content due to insufficient output encoding XSS, and 2 cause the server to fetch attacker-specified URLs SSRF,...
CVE-2021-47700
Nagios XI
CVE-2021-47700 Nagios XI < 5.8.7 Insecure Permissions on Highcharts Temporary Directory
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
CVE-2021-47700 Nagios XI < 5.8.7 Insecure Permissions on Highcharts Temporary Directory
Nagios XI versions prior to 5.8.7 used a temporary directory for Highcharts exports with overly permissive ownership/permissions under the Apache user. Local or co-hosted processes could read/overwrite export artifacts or manipulate paths, risking disclosure or tampering and potential code...
PT-2025-44468
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.6.11 Description Nagios XI versions prior to 5.6.11 have unauthenticated issues in the Highcharts local exporting tool. Specifically, crafted export requests can lead to insufficient output encoding, resulting in...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 5.6.11, which stems from an unauthenticated...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.8.7 that stems from improperly set...
PT-2025-44480
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI used a temporary directory for Highcharts exports with overly permissive ownership and permissions under the Apache user. This allowed local or co-hosted processes to read or overwrite...
EUVD-2019-0398
Malware in sbrugna...
EUVD-2021-1014
Malware in sbrugna...