In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
nagios nagios xi 5.6.9 |