An issue exists in Nagios XI prior to 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability.
nagios nagios xi