icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Nagios XI < 2009R1.3B Multiple XSS Vulnerabilities

Medium

Synopsis

A vulnerable version of Nagios XI has been detected.

Description

Versions of Nagios XI prior to 2009R1.3B are affected by multiple cross-site scripting vulnerabilities due to failure to properly sanitize user input to the 'status' and 'dashboard pages'. A remote attacker could exploit these vulnerabilities by tricking a user into requesting a maliciously crafted URL, resulting in arbitrary code execution.

Solution

Upgrade to Nagios 2009R1.3B or later.