Nagios

Nagios Xi

189 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-7318

  • EPSS 0.64%
  • Veröffentlicht 30.10.2025 21:51:25
  • Zuletzt bearbeitet 06.11.2025 16:21:11

Nagios XI versions prior to < 2024R1.0.2 are vulnerable to cross-site scripting (XSS) via the Nagios Core Command Expansion page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script ...

5.4

CVE-2024-14000

  • EPSS 0.64%
  • Veröffentlicht 30.10.2025 21:51:02
  • Zuletzt bearbeitet 06.11.2025 16:12:35

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Capacity Planning Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

5.4

CVE-2023-7313

  • EPSS 0.15%
  • Veröffentlicht 30.10.2025 21:50:39
  • Zuletzt bearbeitet 05.11.2025 18:21:31

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bulk Modifications tool. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of...

5.4

CVE-2020-36865

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:50:14
  • Zuletzt bearbeitet 05.11.2025 18:23:52

Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the BPI (Business Process Intelligence) component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an att...

5.4

CVE-2021-47696

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:49:49
  • Zuletzt bearbeitet 05.11.2025 18:22:45

Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting (XSS) via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a vic...

5.4

CVE-2023-7314

  • EPSS 0.15%
  • Veröffentlicht 30.10.2025 21:49:27
  • Zuletzt bearbeitet 05.11.2025 18:21:21

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context...

5.4

CVE-2011-10036

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:49:05
  • Zuletzt bearbeitet 06.11.2025 14:32:23

Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling of the "backend_url" JavaScript link. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary ...

5.4

CVE-2011-10039

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:48:44
  • Zuletzt bearbeitet 06.11.2025 14:55:20

Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the Alert Heatmap report and the “My Reports” listing of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inje...

5.4

CVE-2021-47699

  • EPSS 0.43%
  • Veröffentlicht 30.10.2025 21:48:05
  • Zuletzt bearbeitet 05.11.2025 18:22:32

Nagios XI versions prior to 5.8.7 are vulnerable to cross-site scripting (XSS) via the Audit Log page’s Send to NLS form. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the c...

5.4

CVE-2023-53688

  • EPSS 0.07%
  • Veröffentlicht 30.10.2025 21:47:42
  • Zuletzt bearbeitet 05.11.2025 18:21:40

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) and cross-site request forgery (CSRF) via the Hypermap Replay component. An attacker can submit crafted input that is not properly validated or escaped, allowing injectio...