Nagios XI < 2009R1.3B Multiple XSS Vulnerabilities
Medium Nessus Network Monitor Plugin ID 5668
SynopsisA vulnerable version of Nagios XI has been detected.
DescriptionVersions of Nagios XI prior to 2009R1.3B are affected by multiple cross-site scripting vulnerabilities due to failure to properly sanitize user input to the 'status' and 'dashboard pages'. A remote attacker could exploit these vulnerabilities by tricking a user into requesting a maliciously crafted URL, resulting in arbitrary code execution.
SolutionUpgrade to Nagios 2009R1.3B or later.