cve/CVE-2019-20139.md at d265b01db84ea263ae08fa7d2c08cb82387c2083

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. Any authenticated user can attack the admin user.

POC

Reference

https://code610.blogspot.com/2019/12/multiple-xss-bugs-in-nagios-569.html

Github

No PoCs found on GitHub currently.

700 B Raw Blame History

CVE-2019-20139

Description

POC

Reference

Github

700 B

Raw Blame History