Vulnerabilities > Nagios > Favorites > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-03 | CVE-2021-26024 | Authorization Bypass Through User-Controlled Key vulnerability in Nagios Favorites The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to create favorites for any other user account. | 5.3 |
2021-02-03 | CVE-2021-26023 | Cross-site Scripting vulnerability in Nagios Favorites The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to XSS. | 6.1 |