漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Nagios XI < 5.6.11 Unauthenticated XSS and SSRF via Highcharts
漏洞信息
Nagios XI versions prior to 5.6.11 contain unauthenticated vulnerabilities in the Highcharts local exporting tool. Crafted export requests could (1) inject script into exported/returned content due to insufficient output encoding (XSS), and (2) cause the server to fetch attacker-specified URLs (SSRF), potentially accessing internal network resources. An unauthenticated remote attacker can leverage these issues to execute script in a user's browser when the exported content is viewed and to disclose sensitive information reachable from the export server via SSRF.
漏洞信息
N/A
漏洞
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
漏洞
Nagios XI 安全漏洞
漏洞信息
Nagios XI是美国Nagios公司的一套IT基础设施监控解决方案。该方案支持对应用、服务、操作系统等进行监控和预警。 Nagios XI 5.6.11之前版本存在安全漏洞,该漏洞源于Highcharts本地导出工具存在未经验证的漏洞,可能导致跨站脚本攻击和服务端请求伪造攻击。
漏洞信息
N/A
漏洞
N/A