Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.
nagios nagios xi 5.8.6