2 matches found
CVE-2024-13993
Nagios XI versions prior to 2024R1.1.2 are vulnerable to a reflected cross-site scripting XSS via the login page when accessed with older web browsers. Insufficient validation or escaping of user-supplied input reflected by the login page can allow an attacker to craft a malicious link that, when...
PT-2025-44497
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2024R1.1.2 Description Nagios XI versions prior to 2024R1.1.2 have a flaw where authorization checks are absent when the 'Allow Insecure Logins' option is active. This allows any user to generate valid login...