Nagios XI v5.8.6 exists to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.
nagios nagios xi 5.8.6