Favorites Component up to 1.0.1 on Nagios cross site scripting

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as problematic has been found in Favorites Component up to 1.0.1 on Nagios. Affected is some unknown processing. Upgrading to version 1.0.2 eliminates this vulnerability.

Field02/04/2021 10:54 AM02/23/2021 01:51 PM
nameFavorites ComponentFavorites Component
version<=1.0.1<=1.0.1
platformNagiosNagios
cwe79 (cross site scripting)79 (cross site scripting)
risk11
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
cvss3_vuldb_cNN
cvss3_vuldb_iLL
cvss3_vuldb_aNN
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
nameUpgradeUpgrade
upgrade_version1.0.21.0.2
cveCVE-2021-26023CVE-2021-26023
date1612393200 (02/04/2021)1612393200 (02/04/2021)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciNN
cvss2_vuldb_iiPP
cvss2_vuldb_aiNN
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_prLL
cvss3_vuldb_sUU
cvss3_vuldb_eXX
cvss2_vuldb_basescore4.04.0
cvss2_vuldb_tempscore4.03.5
cvss3_vuldb_basescore3.53.5
cvss3_vuldb_tempscore3.53.4
cvss3_meta_basescore3.53.5
cvss3_meta_tempscore3.53.4
price_0day$0-$5k$0-$5k
cve_assigned1611356400
cve_nvd_summaryThe Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS.
confirm_urlhttps://www.nagios.com/products/security/

Might our Artificial Intelligence support you?

Check our Alexa App!