2.6
CVSSv2

CVE-2011-2477

Published: 14/06/2011 Updated: 29/08/2017
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
VMScore: 231
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in Icinga prior to 1.4.1, when escape_html_tags is disabled, allow remote malicious users to inject arbitrary web script or HTML via a JavaScript expression, as demonstrated by the onload attribute of a BODY element located after a check-host-alive! sequence, a different vulnerability than CVE-2011-2179.

Vulnerable Product Search on Vulmon Subscribe to Product

icinga icinga 0.8.1

icinga icinga 0.8.4

icinga icinga 1.0.2

icinga icinga 1.2.1

icinga icinga 0.8.3

icinga icinga 0.8.0

icinga icinga 1.3.0

icinga icinga 0.8.2

icinga icinga 1.0.3

icinga icinga 1.3.1

icinga icinga 1.0

icinga icinga

icinga icinga 1.2.0

icinga icinga 1.0.1