Fusion Security Vulnerabilities and Issues — Fusion CVE List

Lucene search

NagiosFusion

3 matches found

CVE•added 2021/05/24 1:15 p.m.•45 views

CVE-2020-28911

Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php.

6.5CVSS7.9AI score0.07404EPSS

CVE•added 2021/05/24 1:15 p.m.•44 views

CVE-2020-28903

Improper input validation in Nagios Fusion 4.1.8 and earlier allows a remote attacker with control over a fused server to inject arbitrary HTML, aka XSS.

6.1CVSS7.8AI score0.06319EPSS

CVE•added 2018/06/16 1:29 p.m.•42 views

CVE-2018-12501

Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335.

6.1CVSS6.3AI score0.03262EPSS