Vulnerabilities > Nagios > Nagios XI > 2024
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-26 | CVE-2024-24402 | Unspecified vulnerability in Nagios XI 2024 An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component. | 9.8 |
| 2024-02-02 | CVE-2023-51072 | Cross-site Scripting vulnerability in Nagios XI A stored cross-site scripting (XSS) vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. | 5.4 |