← back
CVE-2018-17146

CVE-2018-17146

EPSS 3.6%
A cross-site scripting vulnerability exists in Nagios XI before 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the auto login admin management page.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://assets.nagios.com/downloads/nagiosxi/CHANGES-5.TXT