Nagios

Nagios Xi

192 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-7315

  • EPSS 0.17%
  • Veröffentlicht 30.10.2025 21:52:33
  • Zuletzt bearbeitet 05.11.2025 18:21:10

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context o...

5.4

CVE-2024-14001

  • EPSS 0.74%
  • Veröffentlicht 30.10.2025 21:52:13
  • Zuletzt bearbeitet 06.11.2025 16:10:43

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

5.4

CVE-2020-36864

  • EPSS 0.5%
  • Veröffentlicht 30.10.2025 21:51:46
  • Zuletzt bearbeitet 05.11.2025 18:23:59

Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

5.4

CVE-2023-7318

  • EPSS 0.74%
  • Veröffentlicht 30.10.2025 21:51:25
  • Zuletzt bearbeitet 06.11.2025 16:21:11

Nagios XI versions prior to < 2024R1.0.2 are vulnerable to cross-site scripting (XSS) via the Nagios Core Command Expansion page. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script ...

5.4

CVE-2024-14000

  • EPSS 0.74%
  • Veröffentlicht 30.10.2025 21:51:02
  • Zuletzt bearbeitet 06.11.2025 16:12:35

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Capacity Planning Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

5.4

CVE-2023-7313

  • EPSS 0.17%
  • Veröffentlicht 30.10.2025 21:50:39
  • Zuletzt bearbeitet 05.11.2025 18:21:31

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bulk Modifications tool. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of...

5.4

CVE-2020-36865

  • EPSS 0.5%
  • Veröffentlicht 30.10.2025 21:50:14
  • Zuletzt bearbeitet 05.11.2025 18:23:52

Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting (XSS) via the BPI (Business Process Intelligence) component’s Config Management and Edit Config page. Insufficient validation or escaping of user-supplied input may allow an att...

5.4

CVE-2021-47696

  • EPSS 0.5%
  • Veröffentlicht 30.10.2025 21:49:49
  • Zuletzt bearbeitet 05.11.2025 18:22:45

Nagios XI versions prior to 5.8.0 are vulnerable to cross-site scripting (XSS) via BPI config ID handling. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a vic...

5.4

CVE-2023-7314

  • EPSS 0.17%
  • Veröffentlicht 30.10.2025 21:49:27
  • Zuletzt bearbeitet 05.11.2025 18:21:21

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context...

5.4

CVE-2011-10036

  • EPSS 0.5%
  • Veröffentlicht 30.10.2025 21:49:05
  • Zuletzt bearbeitet 06.11.2025 14:32:23

Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting (XSS) via the handling of the "backend_url" JavaScript link. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary ...