Vulnerabilities > Nagios > Favorites

DATE CVE VULNERABILITY TITLE RISK
2021-02-03 CVE-2021-26024 Authorization Bypass Through User-Controlled Key vulnerability in Nagios Favorites
The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to create favorites for any other user account.
network
low complexity
nagios CWE-639
5.3
5.3
2021-02-03 CVE-2021-26023 Cross-site Scripting vulnerability in Nagios Favorites
The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS.
network
low complexity
nagios CWE-79
6.1
6.1