Cross-Site Scripting Vulnerability in Nagios XI
CVE-2011-10036
5.1MEDIUM
What is CVE-2011-10036?
Nagios XI prior to version 2011R1.9 is susceptible to a cross-site scripting (XSS) vulnerability due to inadequate validation of the 'backend_url' JavaScript link. This flaw allows attackers to inject malicious scripts, potentially compromising the security of users' browsers by executing arbitrary code within their context. Implementing updates and security patches is crucial to mitigate this risk.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
XI 0 < 2011R1.9
References
CVSS V4
Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown
Timeline
Vulnerability published
Vulnerability Reserved
Credit
0a29406d9794e4f9b30b3c5d6702c708