Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2011-06-14T17:00:00
Updated: 2024-08-06T22:53:17.162Z
Reserved: 2011-05-31T00:00:00
Link: CVE-2011-2179
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-06-14T17:55:06.437
Modified: 2024-11-21T01:27:45.740
Link: CVE-2011-2179
Redhat
No data.