CVE-2021-33179

EPSS 4.3%CWE-79

The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload.

Affected products

Nagios · Nagios XI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.synopsys.com/blogs/software-security/cyrc-advisory-nagios-xi