Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Cross-site scripting (XSS) vulnerability in Nagios XI version 5.11.1 and below allows authenticated attackers with access to the custom logo component to inject arbitrary javascript or HTML via the alt-text field. This affects all pages containing the navbar including the login page which means the attacker is able to to steal plaintext credentials.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Nagios XI 跨站脚本漏洞
Vulnerability Description
Nagios XI是美国Nagios公司的一套IT基础设施监控解决方案。该方案支持对应用、服务、操作系统等进行监控和预警。 Nagios XI 5.11.1及之前版本存在跨站脚本漏洞,该漏洞源于允许经过身份验证的攻击者访问自定义徽标组件,通过 alt-text 字段注入任意 javascript 或 HTML。
CVSS Information
N/A
Vulnerability Type
N/A