A cross-site scripting vulnerability exists in Nagios XI before 5.5.4 via the 'name' parameter within the Account Information page. Exploitation of this vulnerability allows an attacker to execute arbitrary JavaScript code within the auto login admin management page.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-06-19T17:25:16

Updated: 2024-08-05T10:39:59.554Z

Reserved: 2018-09-18T00:00:00

Link: CVE-2018-17146

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-06-19T18:15:11.007

Modified: 2024-11-21T03:53:57.477

Link: CVE-2018-17146

cve-icon Redhat

Severity : Moderate

Publid Date: 2019-06-19T00:00:00Z

Links: CVE-2018-17146 - Bugzilla