N/A

Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) share/pnp/application/views/template.php, leading to improper handling within an http-equiv="refresh" META element.

N/A

N/A

PNP4Nagios 跨站脚本漏洞

PNP4Nagios是一套通过插件获取性能数据分析并将它们自动存储到RRD数据库中的Nagios插件。 PNP4Nagios 0.6.21及之前版本的share/pnp/application/views/kohana_error_page.php脚本和share/pnp/application/views/template.php脚本中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意Web脚本或HTML。

N/A

N/A