Security News > 2025 > April > Critical flaws fixed in Nagios Log Server

The Nagios Security Team has fixed three critical vulnerabilities affecting the popular enterprise log management and analysis platform Nagios Log Server.

About the flaws

The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include:

1. A stored XSS vulnerability (CVE-2025-29471) in the web interface of Nagios Log Server that allows a standard (low-privilege) user to inject a malicious JavaScript payload into their profile’s ‘email’ field to achieve privilege escalation. “When an administrator …

The post Critical flaws fixed in Nagios Log Server appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/04/15/critical-flaws-fixed-in-nagios-log-server/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-04-15 | CVE-2025-29471 | Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field. | 0.0 |