Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote malicious users to run arbitrary code via returnUrl parameter in a crafted GET request.
nagios nagios xi 5.7.1