CVE-2016-15049 in Log Serverinformation

Résumé

par MITRE • 31/10/2025

Nagios Log Server versions prior to 1.4.2 are vulnerable to cross-site scripting (XSS) in the Dashboards section when rendering log entries in the Logs table. Untrusted log content was not safely encoded for the output context, allowing attacker-controlled data present in logs to execute script in the victim’s browser within the application origin.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

VulnCheck

Réserver

28/10/2025

Divulgation

31/10/2025

Modérer

accepté

Entrée

VDB-330731

CPE

prêt

CWE

CWE-79 (confirmé)

CVSS

3.5 (VulDB)

EPSS

0.00501

KEV

non

Activités

très faible

Secteur

Hospital, Chemical, ...

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-15049
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-15049
CVE Details	https://www.cvedetails.com/cve/CVE-2016-15049/

◂ Précédent Aperçu Suivant ▸

Might our Artificial Intelligence support you?

Check our Alexa App!