Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.14 views

CVE-2020-36858

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.4CVSS6.3AI score0.00466EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/31 12:30 a.m.5 views

EUVD-2020-30817

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.1CVSS5.8AI score0.00466EPSS
Exploits0References3
NVD
NVD
added 2025/10/30 10:15 p.m.3 views

CVE-2020-36858

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.4CVSS0.00466EPSS
Exploits0References2
OSV
OSV
added 2025/10/30 10:15 p.m.4 views

CVE-2020-36858

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.4CVSS5.9AI score0.00466EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 9:26 p.m.7 views

CVE-2020-36858 Nagios Log Server < 2.1.6 XSS via Create User, Edit User, & Manage Host Lists Pages

Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS vulnerabilities via the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in t...

5.1CVSS0.00466EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:26 p.m.17 views

CVE-2020-36858

Nagios Log Server is affected by a cross-site scripting (XSS) vulnerability in versions prior to 2.1.6, exposed via the web interface on Create User, Edit User, and Manage Host Lists pages. The root cause is insufficient validation/escaping of user-supplied input, allowing an attacker to inject a...

5.4CVSS5.9AI score0.00466EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.3 views

PT-2025-44464

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2.1.6 Description Nagios Log Server versions prior to 2.1.6 contain cross-site scripting XSS issues through the web interface on the Create User, Edit User, and Manage Host Lists pages. Insufficient validati...

5.4CVSS6.1AI score0.00466EPSS
Exploits0References4
Rows per page
Query Builder