Vulnerabilities > Nagios > Fusion

DATE CVE VULNERABILITY TITLE RISK
2021-05-24 CVE-2020-28911 Insecure Storage of Sensitive Information vulnerability in Nagios Fusion
Incorrect Access Control in Nagios Fusion 4.1.8 and earlier allows low-privileged authenticated users to extract passwords used to manage fused servers via the test_server command in ajaxhelper.php.
network
low complexity
nagios CWE-922
6.5
2018-06-16 CVE-2018-12501 Cross-site Scripting vulnerability in Nagios Fusion
Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335.
network
low complexity
nagios CWE-79
6.1